Vulnerability Details CVE-2021-37231
A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.9%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- https://github.com/wez/atomicparsley/issues/30
- https://github.com/wez/atomicparsley/pull/31#issue-687280335
- https://security.gentoo.org/glsa/202305-01
- https://github.com/wez/atomicparsley/issues/30
- https://github.com/wez/atomicparsley/pull/31#issue-687280335
- https://security.gentoo.org/glsa/202305-01
Products affected by CVE-2021-37231
-
cpe:2.3:a:atomicparsley_project:atomicparsley:20210124.204813.840499f