CVE-2020-26797

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-26797
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-26797.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-26797
Downstream
Published
2021-03-18T20:15:12.893Z
Modified
2025-12-04T21:02:52.299641Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::FileGxf::ChooseParserChannelGrouping.

References

Affected packages

Git / github.com/mediaarea/mediainfo

Affected ranges

Type
GIT
Repo
https://github.com/mediaarea/mediainfo
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1ea88d39e628222125c9e7478a960b31f97f14b0

Affected versions

v0.*

v0.7.74
v0.7.75
v0.7.76
v0.7.77
v0.7.78
v0.7.79
v0.7.80
v0.7.81
v0.7.82
v0.7.83
v0.7.84
v0.7.85
v0.7.86
v0.7.87
v0.7.88
v0.7.89
v0.7.90
v0.7.91
v0.7.92
v0.7.93
v0.7.94
v0.7.95
v0.7.96
v0.7.97
v0.7.98
v0.7.99

v17.*

v17.01
v17.10
v17.12

v18.*

v18.03
v18.03.1
v18.05
v18.08
v18.08.1
v18.12

v19.*

v19.04
v19.07
v19.09

v20.*

v20.03

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-26797.json"

Git / github.com/mediaarea/mediainfolib

Affected ranges

Type
GIT
Repo
https://github.com/mediaarea/mediainfolib
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
84d951c066868751096cf47487b453841e90f96f

Affected versions

v0.*

v0.7.74
v0.7.75
v0.7.76
v0.7.77
v0.7.78
v0.7.79
v0.7.80
v0.7.81
v0.7.82
v0.7.83
v0.7.84
v0.7.85
v0.7.86
v0.7.87
v0.7.88
v0.7.89
v0.7.90
v0.7.91
v0.7.92
v0.7.93
v0.7.94
v0.7.95
v0.7.96
v0.7.97
v0.7.98
v0.7.99

v17.*

v17.10
v17.12

v18.*

v18.03
v18.03.1
v18.05
v18.08
v18.08.1
v18.12

v19.*

v19.04
v19.07
v19.09

v20.*

v20.03

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-26797.json"