Use After Free Vulnerability in fluidsynth when Loading Invalid SoundFont File

Use After Free Vulnerability in fluidsynth when Loading Invalid SoundFont File

CVE-2021-21417 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

fluidsynth is a software synthesizer based on the SoundFont 2 specifications. A use after free violation was discovered in fluidsynth, that can be triggered when loading an invalid SoundFont file.

Learn more about our Web Application Penetration Testing UK.