{"id":"CVE-2021-32833","details":"Emby Server is a personal media server with apps on many devices. In Emby Server on Windows there is a set of arbitrary file read vulnerabilities. This vulnerability is known to exist in version 4.6.4.0 and may not be patched in later versions. Known vulnerable routes are /Videos/Id/hls/PlaylistId/SegmentId.SegmentContainer, /Images/Ratings/theme/name and /Images/MediaInfo/theme/name. For more details including proof of concept code, refer to the referenced GHSL-2021-051. This issue may lead to unauthorized access to the system especially when Emby Server is configured to be accessible from the Internet.","modified":"2026-04-12T03:27:13.193642Z","published":"2021-09-09T02:15:14.310Z","references":[{"type":"EVIDENCE","url":"https://securitylab.github.com/advisories/GHSL-2021-051-emby/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mediabrowser/emby.releases","events":[{"introduced":"0"},{"last_affected":"8850d68d3f8f5339caddb2c27d1ce03916f06f46"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"4.6.4.0"}],"cpe":"cpe:2.3:a:emby:emby.releases:*:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"versions":["3.2.31","3.2.32.0","3.2.33.0","3.2.34.0","3.2.35.0","3.2.40.0","3.2.50.0","3.2.60.0","3.2.70.0","3.3.0.0","3.3.1.0","3.3.1.10","3.3.1.11","3.3.1.12","3.3.1.13","3.3.1.14","3.3.1.15","3.3.1.16","3.3.1.17","3.3.1.18","3.3.1.19","3.3.1.20","3.3.1.21","3.3.1.22","3.3.1.23","3.3.1.24","3.3.1.25","3.3.1.26","3.3.1.27","3.3.1.28","3.3.1.7","3.3.1.8","3.3.1.9","3.4.0.0","3.4.0.3","3.4.0.4","3.4.1.0","3.4.1.1","3.4.1.10","3.4.1.11","3.4.1.12","3.4.1.13","3.4.1.14","3.4.1.15","3.4.1.16","3.4.1.17","3.4.1.18","3.4.1.19","3.4.1.2","3.4.1.20","3.4.1.21","3.4.1.22","3.4.1.23","3.4.1.24","3.4.1.27","3.4.1.28","3.4.1.29","3.4.1.30","3.4.1.31","3.4.1.32","3.4.1.33","3.4.1.34","3.4.1.35","3.4.1.5","3.4.1.6","3.4.1.7","3.4.1.8","3.4.1.9","3.5.0.0","3.5.1.0","3.5.2.0","3.5.3.0","3.6.0.1","3.6.0.2","3.6.0.31","3.6.0.32","3.6.0.33","3.6.0.34","3.6.0.38","3.6.0.39","3.6.0.40","3.6.0.41","3.6.0.42","3.6.0.43","3.6.0.44","3.6.0.45","3.6.0.46","3.6.0.47","3.6.0.49","3.6.0.50","3.6.0.51","3.6.0.52","3.6.0.53","3.6.0.54","3.6.0.55","3.6.0.56","3.6.0.57","3.6.0.58","3.6.0.59","3.6.0.60","3.6.0.61","3.6.0.63","3.6.0.64","3.6.0.65","3.6.0.66","3.6.0.67","3.6.0.68","3.6.0.69","3.6.0.70","3.6.0.71","3.6.0.72","3.6.0.73","3.6.0.74","3.6.0.75","3.6.0.76","3.6.0.77","3.6.0.78","3.6.0.79","3.6.0.80","3.6.0.81","3.6.0.82","3.6.0.83","3.6.0.84","4.0.0.0","4.0.0.1","4.0.0.2","4.0.1.0","4.0.2.0","4.0.3.0","4.1.0.0","4.1.0.1","4.1.0.10","4.1.0.11","4.1.0.12","4.1.0.13","4.1.0.14","4.1.0.15","4.1.0.16","4.1.0.17","4.1.0.18","4.1.0.19","4.1.0.2","4.1.0.20","4.1.0.21","4.1.0.22","4.1.0.23","4.1.0.24","4.1.0.25","4.1.0.26","4.1.0.3","4.1.0.4","4.1.0.5","4.1.0.6","4.1.0.7","4.1.0.8","4.1.0.9","4.1.1.0","4.2.0.0","4.2.0.1","4.2.0.10","4.2.0.11","4.2.0.12","4.2.0.13","4.2.0.14","4.2.0.15","4.2.0.16","4.2.0.17","4.2.0.18","4.2.0.19","4.2.0.20","4.2.0.21","4.2.0.22","4.2.0.23","4.2.0.24","4.2.0.25","4.2.0.26","4.2.0.27","4.2.0.28","4.2.0.29","4.2.0.30","4.2.0.31","4.2.0.32","4.2.0.33","4.2.0.34","4.2.0.35","4.2.0.36","4.2.0.4","4.2.0.40","4.2.0.5","4.2.0.6","4.2.0.7","4.2.0.8","4.2.0.9","4.2.1.0","4.3.0.0","4.3.0.1","4.3.0.10","4.3.0.11","4.3.0.12","4.3.0.13","4.3.0.14","4.3.0.15","4.3.0.16","4.3.0.17","4.3.0.18","4.3.0.19","4.3.0.2","4.3.0.20","4.3.0.21","4.3.0.22","4.3.0.23","4.3.0.24","4.3.0.25","4.3.0.26","4.3.0.3","4.3.0.30","4.3.0.4","4.3.0.5","4.3.0.6","4.3.0.7","4.3.0.8","4.3.0.9","4.3.1.0","4.4.0.0","4.4.0.1","4.4.0.10","4.4.0.11","4.4.0.12","4.4.0.13","4.4.0.14","4.4.0.15","4.4.0.16","4.4.0.17","4.4.0.18","4.4.0.19","4.4.0.2","4.4.0.20","4.4.0.21","4.4.0.22","4.4.0.23","4.4.0.24","4.4.0.25","4.4.0.26","4.4.0.27","4.4.0.28","4.4.0.29","4.4.0.3","4.4.0.30","4.4.0.4","4.4.0.40","4.4.0.5","4.4.0.6","4.4.0.7","4.4.0.9","4.4.1.0","4.4.2.0","4.4.3.0","4.5.0.1","4.5.0.10","4.5.0.11","4.5.0.12","4.5.0.13","4.5.0.14","4.5.0.15","4.5.0.16","4.5.0.17","4.5.0.18","4.5.0.19","4.5.0.2","4.5.0.20","4.5.0.21","4.5.0.22","4.5.0.23","4.5.0.24","4.5.0.25","4.5.0.26","4.5.0.27","4.5.0.28","4.5.0.29","4.5.0.3","4.5.0.30","4.5.0.4","4.5.0.5","4.5.0.50","4.5.0.6","4.5.0.7","4.5.0.8","4.5.0.9","4.5.1.0","4.5.2.0","4.5.3.0","4.5.4.0","4.6.0.1","4.6.0.10","4.6.0.2","4.6.0.20","4.6.0.21","4.6.0.22","4.6.0.26","4.6.0.28","4.6.0.29","4.6.0.3","4.6.0.30","4.6.0.31","4.6.0.36","4.6.0.37","4.6.0.38","4.6.0.39","4.6.0.4","4.6.0.40","4.6.0.41","4.6.0.42","4.6.0.43","4.6.0.44","4.6.0.45","4.6.0.46","4.6.0.47","4.6.0.48","4.6.0.5","4.6.0.50","4.6.0.51","4.6.0.52","4.6.0.6","4.6.0.7","4.6.0.8","4.6.0.9","4.6.1.0","4.6.2.0","4.6.3.0","4.6.4.0","4.7.0.0","4.7.0.1","4.7.0.2","4.7.0.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-32833.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}]}