WDC Tracking Number: WDC-22003
Published: January 13, 2022
Last Updated: January 13, 2022
EdgeRover 1.5.0-576 includes two major security fixes to help keep your content secure.
Multiple vulnerabilities have been discovered in the FFmpeg multimedia framework which could cause a denial of service or code execution vulnerability if malformed files or streams are processed.
Insecure file and directory permissions were in place that could allow resources to be read or modified by unintended actors.
Addressed multiple FFmpeg vulnerabilities by updating the version to 7:4.1.8-0+deb10u1.
CVE Number: CVE-2020-20445, CVE-2020-20446, CVE-2020-20453, CVE-2020-21041, CVE-2020-22015, CVE-2020-22016, CVE-2020-22017, CVE-2020-22019, CVE-2020-22020, CVE-2020-22021, CVE-2020-22022, CVE-2020-22023, CVE-2020-22025, CVE-2020-22026, CVE-2020-22027, CVE-2020-22028, CVE-2020-22029, CVE-2020-22030, CVE-2020-22031, CVE-2020-22032, CVE-2020-22033, CVE-2020-22034, CVE-2020-22035, CVE-2020-22036, CVE-2020-22037, CVE-2020-22049, CVE-2020-22054, CVE-2020-35965, CVE-2021-38114, CVE-2021-38171, CVE-2021-38291