{"id":"CVE-2020-15395","details":"In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).","modified":"2026-04-10T04:22:57.995913Z","published":"2020-06-30T11:15:10.520Z","related":["MGASA-2021-0134"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQJCEQRRPTN5CY5URDFTEJU3A2VKLNBA/"},{"type":"ADVISORY","url":"https://mediaarea.net/en/MediaInfo"},{"type":"EVIDENCE","url":"https://sourceforge.net/p/mediainfo/bugs/1127/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mediaarea/mediainfolib","events":[{"introduced":"0"},{"last_affected":"4d746dc78e44dcc0b9d58e57e7c3241fc1628e9f"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"20.03"}]}}],"versions":["v0.7.74","v0.7.76","v0.7.78","v0.7.80","v0.7.81","v0.7.82","v0.7.83","v0.7.84","v0.7.85","v0.7.86","v0.7.87","v0.7.88","v0.7.89","v0.7.90","v0.7.91","v0.7.92","v0.7.93","v0.7.94","v0.7.95","v0.7.96","v0.7.97","v0.7.98","v0.7.99","v17.10","v17.12","v18.03","v18.03.1","v18.05","v18.08","v18.08.1","v18.12","v19.04","v19.07","v19.09","v20.03"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"32"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15395.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}