Soxproject Sox
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Soxproject Sox.
By the Year
In 2026 there have been 0 vulnerabilities in Soxproject Sox. Sox did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 3 | 6.27 |
| 2022 | 7 | 6.01 |
It may take a day or so for new Sox vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Soxproject Sox Security Vulnerabilities
heap buffer overflow in SoX startread() may enable DOS or code exec
CVE-2023-34318
7.8 - High
- July 10, 2023
A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.
Memory Corruption
SoX Float Exception Denial of Service via read_samples
CVE-2023-32627
5.5 - Medium
- July 10, 2023
A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.
Incorrect Comparison
SoX DoS via FP Exception in lsx_aiffstartwrite
CVE-2023-26590
5.5 - Medium
- July 10, 2023
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.
Incorrect Comparison
SoX FPE in wav.c Allows Crash via Crafted .wav File
CVE-2021-33844
5.5 - Medium
- August 25, 2022
A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash.
Divide By Zero
SoX read_samples() div-by-zero FPE Crash
CVE-2021-23210
5.5 - Medium
- August 25, 2022
A floating point exception (divide-by-zero) issue was discovered in SoX in functon read_samples() of voc.c file. An attacker with a crafted file, could cause an application to crash.
Divide By Zero
SoX Heap-Buffer-Overflow via Crafted hcomn File
CVE-2021-23172
5.5 - Medium
- August 25, 2022
A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread() in hcom.c file. The vulnerability is exploitable with a crafted hcomn file, that could cause an application to crash.
Classic Buffer Overflow
SoX heap-buffer-overflow in lsx_read_w_buf via crafted file
CVE-2021-23159
5.5 - Medium
- August 25, 2022
A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.
Classic Buffer Overflow
In SoX 14.4.2
CVE-2022-31651
5.5 - Medium
- May 25, 2022
In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.
assertion failure
In SoX 14.4.2
CVE-2022-31650
5.5 - Medium
- May 25, 2022
In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.
Incorrect Comparison
A flaw was found in sox 14.4.1
CVE-2021-3643
9.1 - Critical
- May 02, 2022
A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.
Out-of-bounds Read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Soxproject Sox or by Soxproject? Click the Watch button to subscribe.
