GHSA-vrpv-vw92-328g

Suggest an improvement
Source
https://github.com/advisories/GHSA-vrpv-vw92-328g
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/02/GHSA-vrpv-vw92-328g/GHSA-vrpv-vw92-328g.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-vrpv-vw92-328g
Published
2025-02-06T17:10:32Z
Modified
2025-02-06T17:26:30.733485Z
Summary
Multiple rtmpdump vulnerabilities
Details

The version of rtmpdump contained in this package has multiple known vulnerabilities.

Patches

This package is abandoned and should not be used anymore. There is no patched release.

Workarounds

You should install rmtpdump from another source.

References

  • https://github.com/advisories/GHSA-fm48-q5qq-894j
  • https://github.com/advisories/GHSA-pfv7-grcx-8gcc
  • https://github.com/advisories/GHSA-hg4c-2mw4-gwpm
Database specific 
{
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-1395"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2025-02-06T17:10:32Z"
}
References

Affected packages

Packagist / rudloff/rtmpdump-bin

Package

Name
rudloff/rtmpdump-bin
Purl
pkg:composer/rudloff/rtmpdump-bin

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
2.3.1

Affected versions

2.*

2.3
2.3.1