vulnerability

Ubuntu: (CVE-2021-32644): ampache vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	Jun 22, 2021	Jun 26, 2025	Aug 18, 2025

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Jun 22, 2021

Added

Jun 26, 2025

Modified

Aug 18, 2025

Description

Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. This issue has been resolved in 4.4.3.

Solution

no-fix-ubuntu-package

References

CVE-2021-32644
https://attackerkb.com/topics/CVE-2021-32644
CWE-79
URL-https://github.com/ampache/ampache/commit/c9453841e1b517a1660c3da1efd1fe5d623c93a5
URL-https://github.com/ampache/ampache/security/advisories/GHSA-vqpj-xgw2-r54q
URL-https://www.cve.org/CVERecord?id=CVE-2021-32644

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today