{"id":"CVE-2021-3405","details":"A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.","modified":"2026-04-16T04:30:14.680346247Z","published":"2021-02-23T20:15:12.087Z","related":["openSUSE-SU-2024:10937-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JNHQI6MDOECJ2HT5GCLEX2DMJFEOWPW7/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHIIMWZKHHELFF4NRDMOOCS3HKK3K4DF/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YY7R2JZRO5I6WS62KTJFTZGKYELVFTVB/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202208-21"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00016.html"},{"type":"REPORT","url":"https://github.com/Matroska-Org/libebml/issues/74"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/matroska-org/libebml","events":[{"introduced":"0"},{"fixed":"6c59e5e1ce0087e4465f6d3f479449d3f6bcb167"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.4.2"}]}}],"versions":["release-1.3.0","release-1.3.1","release-1.3.10","release-1.3.2","release-1.3.3","release-1.3.4","release-1.3.5","release-1.3.6","release-1.3.7","release-1.3.8","release-1.3.9","release-1.4.0","release-1.4.1"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","digest":{"line_hashes":["48377290074949130495164895076365827608","316359439968302076612153081825500800864"],"threshold":0.9},"source":"https://github.com/matroska-org/libebml/commit/6c59e5e1ce0087e4465f6d3f479449d3f6bcb167","id":"CVE-2021-3405-de8843e5","signature_type":"Line","target":{"file":"src/EbmlVersion.cpp"},"deprecated":false}],"vanir_signatures_modified":"2026-04-11T17:26:02Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3405.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}