← voltar
CVE-2021-21417

Use after free in fluidsynth

CVSS 7.2 HIGHEPSS 0.9%CWE-416
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.2EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
29 abr 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
fluidsynth is a software synthesizer based on the SoundFont 2 specifications. A use after free violation was discovered in fluidsynth, that can be triggered when loading an invalid SoundFont file.
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
Produtos afetados
FluidSynth · fluidsynth