CVE-2021-30123

Beschreibung:
FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution. CWE: CWE-120 CWE-284

CVSS-Bewertung
CVSS 2: MEDIUM – 6.8 (Version: 2.0)
CVSS 3: HIGH – 8.8 (Version: 3.1)

Links:

NVD – CVE-2021-30123
CVE – CVE-2021-30123

Link (max. 20) Quelle Tags
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f MISC Patch Third Party Advisory Patch Third Party Advisory
https://trac.ffmpeg.org/ticket/8863 MISC Exploit Vendor Advisory
https://trac.ffmpeg.org/ticket/8845 MISC Exploit Vendor Advisory
FEDORA-2021-5cd2571751 FEDORA Third Party Advisory Vendor Advisory
[debian-lts-announce] 20210505 [SECURITY] [DLA 2648-1] mediawiki security update MLIST Third Party Advisory Vendor Advisory
[debian-lts-announce] 20210506 [SECURITY] [DLA 2648-2] mediawiki regression update MLIST Mailing List Vendor Advisory
[creadur-dev] 20210427 [jira] [Created] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity MLIST Mailing List Vendor Advisory
[creadur-dev] 20210427 [jira] [Commented] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity MLIST Mailing List Vendor Advisory
[creadur-dev] 20210427 [jira] [Closed] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity MLIST Mailing List Vendor Advisory
[creadur-dev] 20210427 [jira] [Updated] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity MLIST Mailing List Vendor Advisory
[pulsar-commits] 20210429 [pulsar] branch branch-2.7 updated: [Security] Upgrade commons-io to address CVE-2021-29425 (#10287) MLIST Mailing List Third Party Advisory
[myfaces-dev] 20210504 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #808: build: CVE fix MLIST Mailing List Third Party Advisory Vendor Advisory

Quelle: NVD – CVE-2021-30123
Datum Veröffentlichung: 2021-04-07T20:15Z, Datum letzte Änderung: 2021-05-10T19:56Z