High severity7.8NVD Advisory· Published May 18, 2021· Updated Jun 17, 2026
CVE-2021-30145
CVE-2021-30145
Description
A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- mpv/mpvdescription
- osv-coords2 versionspkg:rpm/opensuse/mpv&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/mpv&distro=SUSE%20Package%20Hub%2015%20SP2
< 0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1+ 1 more
- (no CPE)range: < 0.32.0+git.20200301T004003.e7bab0025f-lp152.2.6.1
- (no CPE)range: < 0.32.0+git.20200301T004003.e7bab0025f-bp152.2.6.1
Patches
Vulnerability mechanics
References
5- github.com/mpv-player/mpv/commit/d0c530919d8cd4d7a774e38ab064e0fabdae34e6nvdPatchThird Party Advisory
- devel0pment.denvdExploitThird Party Advisory
- github.com/mpv-player/mpv/releases/tag/v0.33.1nvdThird Party Advisory
- mpv.ionvdProductVendor Advisory
- security.gentoo.org/glsa/202107-46nvdThird Party Advisory
News mentions
0No linked articles in our index yet.