CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
73.0%
AtomicParsley is a command line program for manipulating iTunes-style metadata in MPEG4 files.
Multiple vulnerabilities have been discovered in AtomicParsley. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
Users can pass only trusted input to AtomicParsley.
Previously, the “wez” AtomicParsley fork was packaged in Gentoo as media-video/atomicparsley-wez. This fork is now packaged as media-video/atomicparsley, so users of the fork’s package should now depclean it:
# emerge --ask --depclean "media-video/atomicparsley-wez"
All AtomicParsley users should upgrade to the latest version, which is a packaging of the “wez” AtomicParsley fork:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/atomicparsley-0.9.6_p20210715_p151551"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | media-video/atomicparsley | < 0.9.6_p20210715_p151551 | UNKNOWN |
Gentoo | any | all | media-video/atomicparsley-wez | <= 0.9.6 | UNKNOWN |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
73.0%