ffmpeg

FFmpeg suffers from a an assertion failure at src/libavutil/mathematics.c.

adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second...

libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.

dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of- bounds array access because dc_count is not strictly checked.

A denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c.

A heap-based buffer overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious...

A buffer overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c could let a remote malicious user cause a denial of service.

A buffer overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c could let a remote malicious user cause a denial of service.

A buffer overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c could let a remote malicious user...

FFmpeg 4.2 is affected by a divide by zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a denial of service.

FFmpeg 4.1.3 is affected by a divide by zero issue via libavcodec/ratecontrol.c, which allows a remote malicious user to cause a denial of service.

FFmpeg 4.2 is affected by a divide by zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a denial of service.

FFmpeg 4.2 is affected by a divide by zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a denial of service.

FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution.

decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations.

track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of- bounds write because of incorrect extradata packing. The issue is fixed in FFmpeg version 4.3.2.

A buffer overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote denial of service.

A buffer overflow vulnerability exists in FFmpeg 4.2 in the config_input function at libavfilter/af_tremolo.c, which could let a remote malicious user cause...

A buffer overflow vulnerability in FFmpeg 4.2 at the lagfun_frame16 function in libavfilter/vf_lagfun.c could let a remote malicious user cause denial of service.

A use-after-free via a crafted EXTINF duration in an m3u8 file has been found in ffmpeg <= 4.2.3, because parse_playlist in libavformat/hls.c frees a...

The VC-2 Video Compression encoder in FFmpeg 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer...

The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers...

In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption....

In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a...

In libavformat/nsvdec.c in FFmpeg 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a...

In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause huge CPU consumption....

In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3, an integer signedness error might occur when a crafted file, which claims a...

In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims...

In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to...

In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted ASF file,...

In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When...

In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption....

In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a...

A heap overflow flaw was found in FFmpeg < 3.2.4.

A heap overflow flaw was found in FFmpeg < 3.2.4.

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was...