← back
CVE-2021-3643

CVE-2021-3643

EPSS 1.5%CWE-125
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
02 May 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.
Affected products
n/a · sox