CVE-2021-33815: Out-of-bounds Read
First published: Thu Jun 03 2021(Updated: )
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FFmpeg FFmpeg | =4.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-33815.
What is the severity of CVE-2021-33815?
CVE-2021-33815 has a severity rating of 8.8 (high).
How does CVE-2021-33815 impact FFmpeg 4.4?
CVE-2021-33815 allows an out-of-bounds array access in FFmpeg 4.4, potentially leading to a security breach.
How can I fix CVE-2021-33815?
To fix CVE-2021-33815, update FFmpeg to version 4.4 or later, as it contains the necessary fix for this vulnerability.
What is the Common Weakness Enumeration (CWE) ID for CVE-2021-33815?
CVE-2021-33815 is associated with CWE-129, which is a vulnerability in the improper validation of array indexes.
- agent/references
- agent/event
- agent/author
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/remedy
- agent/weakness
- agent/severity
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ffmpeg
- canonical/ffmpeg ffmpeg
- version/ffmpeg ffmpeg/4.4