CVE-2021-3246

Опубликовано: 20 июл. 2021

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.8

CVSS3: 8.8

Описание

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

Релиз	Статус	Примечание
bionic	released	1.0.28-4ubuntu0.18.04.2
devel	released	1.0.31-1ubuntu2
esm-infra-legacy/trusty	not-affected	1.0.25-7ubuntu2.2+esm2
esm-infra/bionic	not-affected	1.0.28-4ubuntu0.18.04.2
esm-infra/focal	not-affected	1.0.28-7ubuntu0.1
esm-infra/xenial	released	1.0.25-10ubuntu0.16.04.3+esm1
focal	released	1.0.28-7ubuntu0.1
groovy	ignored	end of life
hirsute	released	1.0.31-1ubuntu1.1
impish	released	1.0.31-1ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 78%

0.01201

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2021-3246

CVSS3: 8.8

redhat

около 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

CVE-2021-3246

CVSS3: 8.8

nvd

около 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

CVE-2021-3246

CVSS3: 8.8

debian

около 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsnd ...

SUSE-SU-2021:14769-1

suse-cvrf

около 4 лет назад

Security update for libsndfile

RLSA-2021:3253

rocky

почти 4 года назад

Important: libsndfile security update

EPSS

Процентиль: 78%

0.01201

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

CVE-2021-3246

Описание

Пакет libsndfile

Ссылки на источники

Связанные уязвимости