← volver
CVE-2021-21417

Use after free in fluidsynth

CVSS 7.2 HIGHEPSS 0.9%CWE-416
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.2EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
29 abr 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
fluidsynth is a software synthesizer based on the SoundFont 2 specifications. A use after free violation was discovered in fluidsynth, that can be triggered when loading an invalid SoundFont file.
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
Productos afectados
FluidSynth · fluidsynth