Matroska libebml 1.3.0

CPE Details

Matroska libebml 1.3.0
matroska
libebml
1.3.0
2021-03-10
16h31 +00:00
2021-03-15
13h20 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:matroska:libebml:1.3.0:*:*:*:*:*:*:*

Informations

Vendor

matroska

Product

libebml

Version

1.3.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-52339 2024-01-11 23h00 +00:00 In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows.
6.5
Medium
CVE-2021-3405 2021-02-23 18h05 +00:00 A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.
6.5
Medium
CVE-2015-8789 2016-01-29 18h00 +00:00 Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.
9.6
Critical
CVE-2015-8790 2016-01-29 18h00 +00:00 The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
4.3
Medium
CVE-2015-8791 2016-01-29 18h00 +00:00 The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.
4.3
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.