vulnerability Problems
IMPORTANT: Be sure to replace all template sections {{ like this }} or your issue may be discarded.
Overview
the components in 9.0.0 whl package has many vulnerabilities.
openjpeg 2.3.1 (The latest is 2.4.0 you can upate to 2.4.0 to fix)
CVE-2020-8112
CVE-2020-27844
CVE-2020-27823
CVE-2020-27814
CVE-2020-6851
CVE-2020-15389
CVE-2020-27843
CVE-2019-12973
CVE-2020-27841
CVE-2020-27824
CVE-2020-27845
CVE-2020-27842
ffmpeg 4.3.3
CVE-2020-35965
CVE-2021-38291
gnutls 3.6.16
CVE-2021-20232
CVE-2021-20231
libgmp 6.2.1
CVE-2021-43618
wavpack 5.3.0
CVE-2020-35738
Expected behavior
Clear or update some components to the latest one
Investigation
{{ What you did to isolate the problem. }}
Reproduction
{{ Steps to reproduce the behavior. If the problem is media specific, include a link to it. Only send media that you have the rights to. }}
Versions
- OS: linux
- PyAV runtime: 9.0.0
Research
I have done the following:
-
Checked the PyAV documentation -
Searched on Google -
Searched on Stack Overflow -
Looked through old GitHub issues -
Asked on PyAV Gitter -
... and waited 72 hours for a response.