Search for packages
Package details: pkg:alpm/archlinux/live-media@2021.08.09-1
purl pkg:alpm/archlinux/live-media@2021.08.09-1
Next non-vulnerable version 2021.08.24-1
Latest non-vulnerable version 2021.08.24-1
Risk 3.4
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-2wwm-vfea-aaap
Aliases:
CVE-2021-39283
liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands.
2021.08.24-1
Affected by 0 other vulnerabilities.
VCID-52hp-nn4w-aaac
Aliases:
CVE-2021-39282
Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.
2021.08.24-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-qy4q-pmef-aaag Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack. CVE-2021-38380
VCID-tm9x-vzqu-aaan Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. CVE-2021-38382
VCID-z1jv-s4je-aaaa Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. CVE-2021-38381

Date Actor Action Vulnerability Source VulnerableCode Version
2025-03-28T07:46:30.465361+00:00 Arch Linux Importer Fixing VCID-qy4q-pmef-aaag https://security.archlinux.org/AVG-2276 36.0.0
2025-03-28T07:46:30.446826+00:00 Arch Linux Importer Fixing VCID-z1jv-s4je-aaaa https://security.archlinux.org/AVG-2276 36.0.0
2025-03-28T07:46:30.428224+00:00 Arch Linux Importer Fixing VCID-tm9x-vzqu-aaan https://security.archlinux.org/AVG-2276 36.0.0
2025-03-28T07:46:29.242107+00:00 Arch Linux Importer Affected by VCID-52hp-nn4w-aaac https://security.archlinux.org/AVG-2306 36.0.0
2025-03-28T07:46:29.223411+00:00 Arch Linux Importer Affected by VCID-2wwm-vfea-aaap https://security.archlinux.org/AVG-2306 36.0.0
2024-09-18T02:01:47.865433+00:00 Arch Linux Importer Fixing VCID-qy4q-pmef-aaag https://security.archlinux.org/AVG-2276 34.0.1
2024-09-18T02:01:47.846021+00:00 Arch Linux Importer Fixing VCID-z1jv-s4je-aaaa https://security.archlinux.org/AVG-2276 34.0.1
2024-09-18T02:01:47.826527+00:00 Arch Linux Importer Fixing VCID-tm9x-vzqu-aaan https://security.archlinux.org/AVG-2276 34.0.1
2024-09-18T02:01:46.297610+00:00 Arch Linux Importer Affected by VCID-52hp-nn4w-aaac https://security.archlinux.org/AVG-2306 34.0.1
2024-09-18T02:01:46.272285+00:00 Arch Linux Importer Affected by VCID-2wwm-vfea-aaap https://security.archlinux.org/AVG-2306 34.0.1
2024-01-03T22:27:53.089330+00:00 Arch Linux Importer Fixing VCID-qy4q-pmef-aaag https://security.archlinux.org/AVG-2276 34.0.0rc1
2024-01-03T22:27:53.070035+00:00 Arch Linux Importer Fixing VCID-z1jv-s4je-aaaa https://security.archlinux.org/AVG-2276 34.0.0rc1
2024-01-03T22:27:53.050922+00:00 Arch Linux Importer Fixing VCID-tm9x-vzqu-aaan https://security.archlinux.org/AVG-2276 34.0.0rc1
2024-01-03T22:27:51.680281+00:00 Arch Linux Importer Affected by VCID-52hp-nn4w-aaac https://security.archlinux.org/AVG-2306 34.0.0rc1
2024-01-03T22:27:51.660477+00:00 Arch Linux Importer Affected by VCID-2wwm-vfea-aaap https://security.archlinux.org/AVG-2306 34.0.0rc1