CVE-2021-38383

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-38383
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-38383.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-38383
Related
Published
2021-08-10T18:15:07Z
Modified
2025-01-08T11:04:38.317829Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

OwnTone (aka owntone-server) through 28.1 has a use-after-free in net_bind() in misc.c.

References

Affected packages

Git / github.com/owntone/owntone-server

Affected ranges

Type
GIT
Repo
https://github.com/owntone/owntone-server
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

0.*

0.10
0.11
0.12
0.19

20.*

20.0

21.*

21.0

22.*

22.0
22.1
22.2
22.3

23.*

23.0
23.1
23.2
23.3
23.4

24.*

24.0
24.1
24.2

25.*

25.0

26.*

26.0
26.1
26.2
26.3
26.4
26.5

27.*

27.0
27.1
27.2
27.3
27.4

28.*

28.0
28.1

Other

fork_cleanedup
mt-daapd_svn1696