CVE-2021-30145

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-30145
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-30145.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-30145
Downstream
Related
Published
2021-05-18T14:15:07Z
Modified
2025-10-21T06:21:23.368570Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file.

References

Affected packages

Git / github.com/mpv-player/mpv

Affected ranges

Type
GIT
Repo
https://github.com/mpv-player/mpv
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
b5d3e43198b9d57af5620b63537885aaa41fa8cd
Fixed
d0c530919d8cd4d7a774e38ab064e0fabdae34e6

Affected versions

v0.*

v0.1.0
v0.25.0
v0.26.0
v0.27.0
v0.28.0
v0.29.0
v0.30.0
v0.31.0
v0.32.0
v0.33.0

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/mpv-player/mpv/commit/d0c530919d8cd4d7a774e38ab064e0fabdae34e6",
        "target": {
            "function": "open_mf_pattern",
            "file": "demux/demux_mf.c"
        },
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2021-30145-7c714005",
        "digest": {
            "function_hash": "268634330912393980160582075139174200355",
            "length": 2529.0
        }
    },
    {
        "source": "https://github.com/mpv-player/mpv/commit/d0c530919d8cd4d7a774e38ab064e0fabdae34e6",
        "target": {
            "file": "demux/demux_mf.c"
        },
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2021-30145-e23b7691",
        "digest": {
            "line_hashes": [
                "318278708610111311971907503341767063621",
                "20400393116502452763656028356723097255",
                "2518238306090257716179303030090564964",
                "122700104744205355818586971563960571964",
                "190191767106811564608045251026599596882",
                "28396784055268661443982855327607510881",
                "129441837851678876694802442058186216748",
                "99586014603262892290593702810603438397",
                "103567284091188742513705697402229084886",
                "133517497564468559407418282955546792386"
            ],
            "threshold": 0.9
        }
    }
]