CVE-2021-38291
https://notcve.org/view.php?id=CVE-2021-38291
FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. Una versión de FFmpeg (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) sufre un fallo de aserción en el archivo src/libavutil/mathematics.c • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html https://security.gentoo.org/glsa/202312-14 https://trac.ffmpeg.org/ticket/9312 https://www.debian.org/security/2021/dsa-4990 https://www.debian.org/security/2021/dsa-4998 • CWE-617: Reachable Assertion •
CVE-2020-14212
https://notcve.org/view.php?id=CVE-2020-14212
FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted. FFmpeg versiones hasta 4.3, presentan un desbordamiento de búfer en la región heap de la memoria en la función avio_get_str en la biblioteca libavformat/aviobuf.c porque el archivo dnn_backend_native.c llama a ff_dnn_load_model_native y se omite una determinada comprobación de índice • https://patchwork.ffmpeg.org/project/ffmpeg/list/?series=1463 https://security.gentoo.org/glsa/202007-58 https://trac.ffmpeg.org/ticket/8716 • CWE-787: Out-of-bounds Write •
CVE-2005-4048
https://notcve.org/view.php?id=CVE-2005-4048
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes. • http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 http://cvs.freedesktop.org/gstreamer/gst-ffmpeg/ChangeLog?rev=1.239&view=markup http://secunia.com/advisories/17892 http://secunia.com/advisories/18066 http://secunia.com/advisories/18087 http://secunia.com/advisories/18107 http://secunia.com/advisories/18400 http://secunia.com/advisories/18739 http://secunia.com/advisories/18746 http://secunia.com/advisories/19114 http://secunia.com/advisories/19192 http://secunia • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •