maryam ebrahimzadeh

2 exploits Active since Aug 2021
CVE-2021-38171 WRITEUP CRITICAL WRITEUP
FFmpeg 4.4 - Denial of Service via Unchecked Return Value in adts_decode_extradata
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.
CVSS 9.8
CVE-2021-40145 WRITEUP HIGH WRITEUP
libgd < 2.3.2 - Double Free in gdImageGd2Ptr
gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and testing purposes.
CVSS 7.5