CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-38291 – Gentoo Linux Security Advisory 202312-14
https://notcve.org/view.php?id=CVE-2021-38291
12 Aug 2021 — FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. Una versión de FFmpeg (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) sufre un fallo de aserción en el archivo src/libavutil/mathematics.c It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ub... • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-617: Reachable Assertion •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-21688 – Ubuntu Security Notice USN-5472-1
https://notcve.org/view.php?id=CVE-2020-21688
10 Aug 2021 — A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code. Un uso de memoria previamente liberada de la pila en la función av_freep en el archivo libavutil/mem.c de FFmpeg versión 4.2, permite a atacantes ejecutar código arbitrario It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubunt... • https://trac.ffmpeg.org/ticket/8186 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-21697 – Ubuntu Security Notice USN-5472-1
https://notcve.org/view.php?id=CVE-2020-21697
10 Aug 2021 — A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file. Un uso de la memoria previamente liberada de la pila en la función mpeg_mux_write_packet en el archivo libavformat/mpegenc.c de FFmpeg 4.2, permite causar una denegación de servicio (DOS) por medio de un archivo avi diseñado It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AAC codecs. An attack... • https://trac.ffmpeg.org/ticket/8188 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3566
https://notcve.org/view.php?id=CVE-2021-3566
05 Aug 2021 — Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg). Anterior a versión 4.3 de ffmpeg, el demuxer tty no tenía una función "read_probe" asignada. Si se diseña un archivo "ffconcat" legítimo que haga referencia a un... • https://github.com/FFmpeg/FFmpeg/commit/3bce9e9b3ea35c54bacccc793d7da99ea5157532#diff-74f6b92a0541378ad15de9c29c0a2b0c69881ad9ffc71abe568b88b535e00a7f • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-22056
https://notcve.org/view.php?id=CVE-2020-22056
02 Jun 2021 — A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the config_input function in af_acrossover.c. Se presenta una vulnerabilidad de Denegación de Servicio en FFmpeg versión 4.2, debido a una pérdida de memoria en la función config_input en el archivo af_acrossover.c • https://trac.ffmpeg.org/ticket/8304 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 1CVE-2020-22054 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22054
02 Jun 2021 — A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c. Se presenta una vulnerabilidad de Denegación de Servicio en FFmpeg versión 4.2, debido a una pérdida de memoria en la función av_dict_set en el archivo dict.c Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=6f2a3958cfac135c60b509a61a4fd39432d8f9a9 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-22051 – Ubuntu Security Notice USN-6430-1
https://notcve.org/view.php?id=CVE-2020-22051
02 Jun 2021 — A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the filter_frame function in vf_tile.c. Se presenta una vulnerabilidad de Denegación de Servicio en FFmpeg versión 4.2, debido a una pérdida de memoria en la función filter_frame en el archivo vf_tile.c It was discovered that FFmpeg did not properly handle certain inputs in vf_lagfun.c, resulting in a buffer overflow vulnerability. An attacker could possibly use this issue to cause a denial of service via application crash. This ... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=673fce6d40d9a594fb7a0ea17d296b7d3d9ea856 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 1CVE-2020-22049 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22049
02 Jun 2021 — A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c. Se presenta una vulnerabilidad de Denegación de Servicio en FFmpeg versión 4.2, debido a una pérdida de memoria en la función wtvfile_open_sector en el archivo wtvdec.c Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=373c1c9b691fd4c6831b3a114a006b639304c2af • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-22048
https://notcve.org/view.php?id=CVE-2020-22048
02 Jun 2021 — A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c. Se presenta una vulnerabilidad de Denegación de Servicio en FFmpeg 4.2, debido a una pérdida de memoria en la función ff_frame_pool_get del archivo framepool.c • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 1CVE-2020-22046
https://notcve.org/view.php?id=CVE-2020-22046
02 Jun 2021 — A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c. Se presenta una vulnerabilidad de Denegación de Servicio en FFmpeg 4.2, debido a una pérdida de memoria en la función avpriv_float_dsp_allocl del archivo libavutil/float_dsp.c • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-401: Missing Release of Memory after Effective Lifetime •