CVE-2021-30123

FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ffmpeg:ffmpeg:4.4:*:*:*:*:*:*:*

History

07 Nov 2023, 03:32

Type Values Removed Values Added
References
  • {'url': 'http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f', 'name': 'http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • () http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=d6f293353c94c7ce200f6e0975ae3de49787f91f -

29 Sep 2021, 14:24

Type Values Removed Values Added
CPE cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* cpe:2.3:a:ffmpeg:ffmpeg:4.4:*:*:*:*:*:*:*

04 Jun 2021, 19:06

Type Values Removed Values Added
References (GENTOO) https://security.gentoo.org/glsa/202105-24 - (GENTOO) https://security.gentoo.org/glsa/202105-24 - Third Party Advisory

26 May 2021, 12:15

Type Values Removed Values Added
References
  • (GENTOO) https://security.gentoo.org/glsa/202105-24 -

13 Apr 2021, 18:24

Type Values Removed Values Added
CWE CWE-120
References (MISC) https://trac.ffmpeg.org/ticket/8863 - (MISC) https://trac.ffmpeg.org/ticket/8863 - Exploit, Vendor Advisory
References (MISC) https://trac.ffmpeg.org/ticket/8845 - (MISC) https://trac.ffmpeg.org/ticket/8845 - Exploit, Vendor Advisory
References (MISC) http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f - (MISC) http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f - Patch, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 6.8
v3 : 8.8
CPE cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*

07 Apr 2021, 20:30

Type Values Removed Values Added
New CVE

Information

Published : 2021-04-07 20:15

Updated : 2023-12-10 13:55


NVD link : CVE-2021-30123

Mitre link : CVE-2021-30123

CVE.ORG link : CVE-2021-30123


JSON object : View

Products Affected

ffmpeg

  • ffmpeg
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')