Vulnerability Details CVE-2021-30481
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.11
EPSS Ranking 93.1%
CVSS Severity
CVSS v3 Score 8.0
CVSS v2 Score 6.0
References
- https://news.ycombinator.com/item?id=26762170
- https://twitter.com/floesen_/status/1337107178096881666
- https://twitter.com/the_secret_club/status/1380868759129296900
- https://www.youtube.com/watch?v=rNQn--9xR1Q
- https://news.ycombinator.com/item?id=26762170
- https://twitter.com/floesen_/status/1337107178096881666
- https://twitter.com/the_secret_club/status/1380868759129296900
- https://www.youtube.com/watch?v=rNQn--9xR1Q
Products affected by CVE-2021-30481
-
cpe:2.3:a:valvesoftware:steam_client:-
-
cpe:2.3:a:valvesoftware:steam_client:2.10.91.91
-
cpe:2.3:a:valvesoftware:steam_client:2018-03-22
-
cpe:2.3:a:valvesoftware:steam_client:2018-03-26
-
cpe:2.3:a:valvesoftware:steam_client:2018-04-02
-
cpe:2.3:a:valvesoftware:steam_client:2018-04-04
-
cpe:2.3:a:valvesoftware:steam_client:2018-05-16
-
cpe:2.3:a:valvesoftware:steam_client:2018-05-18
-
cpe:2.3:a:valvesoftware:steam_client:2018-06-01
-
cpe:2.3:a:valvesoftware:steam_client:2018-07-24
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-01
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-08
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-27
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-29
-
cpe:2.3:a:valvesoftware:steam_client:2018-09-08
-
cpe:2.3:a:valvesoftware:steam_client:2018-10-10
-
cpe:2.3:a:valvesoftware:steam_client:2018-10-12
-
cpe:2.3:a:valvesoftware:steam_client:2018-11-08
-
cpe:2.3:a:valvesoftware:steam_client:2018-11-09
-
cpe:2.3:a:valvesoftware:steam_client:2018-11-26
-
cpe:2.3:a:valvesoftware:steam_client:2019-01-04
-
cpe:2.3:a:valvesoftware:steam_client:2019-02-01
-
cpe:2.3:a:valvesoftware:steam_client:2019-02-18
-
cpe:2.3:a:valvesoftware:steam_client:2019-03-05
-
cpe:2.3:a:valvesoftware:steam_client:2019-04-16
-
cpe:2.3:a:valvesoftware:steam_client:2019-04-29
-
cpe:2.3:a:valvesoftware:steam_client:2019-06-13
-
cpe:2.3:a:valvesoftware:steam_client:2019-06-14
-
cpe:2.3:a:valvesoftware:steam_client:2019-06-17
-
cpe:2.3:a:valvesoftware:steam_client:2019-07-16
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-05
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-07
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-12
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-16
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-20
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-21
-
cpe:2.3:a:valvesoftware:steam_client:2019-09-10
-
cpe:2.3:a:valvesoftware:steam_client:2019-09-12
-
cpe:2.3:a:valvesoftware:steam_client:2021-04-10