{"id":"CVE-2021-32419","details":"An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c.","modified":"2026-04-11T17:12:34.136814Z","published":"2023-02-17T18:15:10.970Z","references":[{"type":"REPORT","url":"https://github.com/schismtracker/schismtracker/issues/249"},{"type":"FIX","url":"https://github.com/schismtracker/schismtracker/commit/1e2cc389a2a058fd13d99460c11115a6f7f7a6a4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/schismtracker/schismtracker","events":[{"introduced":"0"},{"fixed":"c3f4125949004fe34e4eefa9242d49d65dd568f8"},{"fixed":"1e2cc389a2a058fd13d99460c11115a6f7f7a6a4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"20200412"}]}}],"versions":["20160521","20160913","20170420","20170910","20180209","20180513","20180810","20181223","20190614","20190722","20190805","20200412","deploy-test-1","deploy-test-2","deploy-test-3","deploy-test-4","deploy-test-5","hg-import","issue-175.0","issue-175.1","macosx-deploy-test"],"database_specific":{"vanir_signatures_modified":"2026-04-11T17:12:34Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32419.json","vanir_signatures":[{"signature_version":"v1","deprecated":false,"signature_type":"Line","target":{"file":"schism/widget.c"},"digest":{"line_hashes":["41534818966501086304164836470508758450","222377102072624111295474298271582241982","265112813509916268140834760463751215755","111971547383475602431267073673428322580","169734701491302771824216204812752821088","237964820457242366710920609822545141580","292971023616381296089066259351605749738","246032086413278929124296689280197642451","65550076816628675396352422538928243173"],"threshold":0.9},"source":"https://github.com/schismtracker/schismtracker/commit/c3f4125949004fe34e4eefa9242d49d65dd568f8","id":"CVE-2021-32419-040f51e3"},{"signature_version":"v1","deprecated":false,"signature_type":"Function","target":{"file":"fmt/mtm.c","function":"fmt_mtm_load_song"},"digest":{"function_hash":"298656856945043239684938761828957924267","length":4419},"source":"https://github.com/schismtracker/schismtracker/commit/1e2cc389a2a058fd13d99460c11115a6f7f7a6a4","id":"CVE-2021-32419-8e887c97"},{"signature_version":"v1","deprecated":false,"signature_type":"Line","target":{"file":"fmt/mtm.c"},"digest":{"line_hashes":["250874450995467078051754149728279483426","322199718857949293499747172018328694299","238188734071090339494334220432428072555","83716173005277346416975585041255476716"],"threshold":0.9},"source":"https://github.com/schismtracker/schismtracker/commit/1e2cc389a2a058fd13d99460c11115a6f7f7a6a4","id":"CVE-2021-32419-9152cd22"},{"signature_version":"v1","deprecated":false,"signature_type":"Function","target":{"file":"schism/widget.c","function":"togglebutton_set"},"digest":{"function_hash":"266794352674715488648338525011267718230","length":501},"source":"https://github.com/schismtracker/schismtracker/commit/c3f4125949004fe34e4eefa9242d49d65dd568f8","id":"CVE-2021-32419-9e235c16"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}