CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30475
https://notcve.org/view.php?id=CVE-2021-30475
aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. El archivo aom_dsp/noise_model.c en libaom en AOMedia versiones anteriores al 24-03-2021, presenta un desbordamiento del búfer • https://aomedia.googlesource.com/aom/+/12adc723acf02633595a4d8da8345742729f46c0 https://bugs.chromium.org/p/aomedia/issues/detail?id=2999 https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCI33HXH6YSOGC2LPE2REQLMIDH6US4 https://security.gentoo.org/glsa/202401-32 https://www.debian.org/security/2023/dsa-5490 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30474
https://notcve.org/view.php?id=CVE-2021-30474
aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. El archivo aom_dsp/grain_table.c en la función libaom en AOMedia hasta el 30-03-2021, presenta un uso de la memoria previamente liberada • https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e https://bugs.chromium.org/p/aomedia/issues/detail?id=3000 https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html https://security.gentoo.org/glsa/202401-32 https://www.debian.org/security/2023/dsa-5490 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30473
https://notcve.org/view.php?id=CVE-2021-30473
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. El archivo aom_image.c en libaom en AOMedia versiones anteriores al 07-04-2021, libera memoria que no se encuentra en la pila • https://aomedia.googlesource.com/aom/+/4efe20e99dcd9b6f8eadc8de8acc825be7416578 https://bugs.chromium.org/p/aomedia/issues/detail?id=2998 https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCI33HXH6YSOGC2LPE2REQLMIDH6US4 https://security.gentoo.org/glsa/202401-32 https://www.debian.org/security/2023/dsa-5490 • CWE-763: Release of Invalid Pointer or Reference •