EUVD-2021-27594

Malicious code in bioql PyPI...

EUVD-2021-27595

Malicious code in bioql PyPI...

CVE-2021-40417

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with the job along with fields that were parsed for the submitted video by the R3D SDK to calculate the size of a heap buffer. Due to an integer...

CVE-2021-40417

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with the job along with fields that were parsed for the submitted video by the R3D SDK to calculate the size of a heap buffer. Due to an integer...

CVE-2021-40418

When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction of the object that owns it, the...

Heap overflow

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with the job along with fields that were parsed for the submitted video by the R3D SDK to calculate the size of a heap buffer. Due to an integer...

Design/Logic Flaw

When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction of the object that owns it, the...

CVE-2021-40418

CVE-2021-40418 affects Blackmagic Design DaVinci Resolve’s R3D DPDecoder service and the R3D SDK. The issue arises when DPDecoder parses a file: it can skip assigning a property that should reference an UUID object parsed from a frame, leaving that member uninitialized. Upon destruction, the unin...

CVE-2021-40417

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with the job along with fields that were parsed for the submitted video by the R3D SDK to calculate the size of a heap buffer. Due to an integer...

CVE-2021-40417

CVE-2021-40417 describes a heap-based buffer overflow in Blackmagic Design DaVinci Resolve’s DPDecoder service when processing a job payload that uses the R3D SDK to compute a heap buffer size. An integer overflow in this calculation can allocate an undersized buffer, and when Data is written int...

PT-2021-22892 · R3D Sdk +1 · R3D Sdk +1

Name of the Vulnerable Software and Affected Versions: DPDecoder service affected versions not specified Description: The issue arises when the DPDecoder service parses a submitted file as a job, using decoding parameters and fields parsed by the R3D SDK to calculate a heap buffer size. An intege...

Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame parsing uninitialized uuid object vulnerability

Summary When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction of the object that owns it, the...