AVG-1397 log

Package ffmpeg
Status Vulnerable
Severity Medium
Type arbitrary code execution
Affected 2:4.3.1-3
Fixed Unknown
Current 2:4.3.1-3 [extra]
Ticket Create
Created Mon Jan 4 10:31:02 2021
Issue Severity Remote Type Description
CVE-2020-35965 Medium No Arbitrary code execution
decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations.
CVE-2020-35964 Medium No Arbitrary code execution
track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of- bounds write because of incorrect extradata packing.