VDB
CVE-2021-38380
CVE-2021-38380
PUBLISHED
CVSS 7.5 HIGH
Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack.
EPSS 0.28% · 51.4th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.28%
51.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| live555 | live555 | 0 |
| n/a | n/a | * |
Timeline
- Aug 10, 2021 CVE Published
- Aug 11, 2021 EPSS Score
- Oct 9, 2021 EPSS Score
- Dec 6, 2021 EPSS Score
- Feb 3, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 3, 2022 EPSS Score
- May 31, 2022 EPSS Score
- Sep 27, 2022 EPSS Score
- Nov 25, 2022 EPSS Score
- Jan 22, 2023 EPSS Score