Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDFAF7C1D0-F5BB-47B4-A6A8-EF57317B9766
HistoryNov 12, 2022 - 12:00 a.m.

ffmpeg -- multiple vulnerabilities

2022-11-1200:00:00
vuxml.freebsd.org
22

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.002 Low

EPSS

Percentile

52.6%

JSON

NVD reports:

An issue was discovered in the FFmpeg package, where
vp3_decode_frame in libavcodec/vp3.c lacks check of the
return value of av_malloc() and will cause a null pointer
dereference, impacting availability.

A null pointer dereference issue was discovered in
‘FFmpeg’ in decode_main_header() function of
libavformat/nutdec.c file. The flaw occurs because the
function lacks check of the return value of
avformat_new_stream() and triggers the null pointer
dereference error, causing an application to crash.

A vulnerability classified as problematic has been found
in ffmpeg. This affects an unknown part of the file
libavcodec/rpzaenc.c of the component QuickTime RPZA Video
Encoder. The manipulation of the argument y_size leads to
out-of-bounds read. It is possible to initiate the attack
remotely. The name of the patch is
92f9b28ed84a77138105475beba16c146bdaf984. It is recommended
to apply a patch to fix this issue. The associated
identifier of this vulnerability is VDB-213543.

Related

nessus 12
ubuntu 1
rosalinux 1
cloudfoundry 1
openvas 16
osv 6
debian 2
veracode 3
cve 3
mageia 2
ubuntucve 3
prion 3
debiancve 3
alpinelinux 1
cnvd 2
redos 1
fedora 1
gentoo 1
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : FFmpeg vulnerabilities (USN-5958-1)
2023-03-16 00:00:00
Debian DLA-3454-1 : ffmpeg - LTS security update
2023-06-13 00:00:00
SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2023:0007-1)
2023-01-03 00:00:00
ubuntu
ubuntu
FFmpeg vulnerabilities
2023-03-16 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2277
2023-10-22 06:34:44
cloudfoundry
cloudfoundry
USN-5958-1: FFmpeg vulnerabilities | Cloud Foundry
2023-05-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5958-1)
2023-03-16 00:00:00
Debian: Security Advisory (DLA-3454-1)
2023-06-14 00:00:00
Debian: Security Advisory (DSA-5394-1)
2023-05-01 00:00:00
osv
osv
ffmpeg vulnerabilities
2023-03-16 00:21:31
ffmpeg - security update
2023-06-13 00:00:00
CVE-2022-3109
2022-12-16 15:15:09
debian
debian
[SECURITY] [DLA 3454-1] ffmpeg security update
2023-06-13 15:18:07
[SECURITY] [DSA 5394-1] ffmpeg security update
2023-04-30 19:04:04
veracode
veracode
Denial Of Service (DoS)
2022-12-24 12:21:49
Out-Of-Bounds Read
2023-03-24 14:28:33
Denial Of Service (DoS)
2023-02-27 01:22:01
cve
cve
CVE-2022-3109
2022-12-16 15:15:00
CVE-2022-3964
2022-11-13 08:15:00
CVE-2022-3341
2023-01-12 15:15:00
mageia
mageia
Updated ffmpeg packages fix security vulnerability
2023-01-13 20:37:09
Updated ffmpeg packages fix security vulnerability
2023-02-15 01:43:23
ubuntucve
ubuntucve
CVE-2022-3109
2022-12-16 00:00:00
CVE-2022-3964
2022-11-13 00:00:00
CVE-2022-3341
2023-01-12 00:00:00
prion
prion
Null pointer dereference
2022-12-16 15:15:00
Type confusion
2022-11-13 08:15:00
Null pointer dereference
2023-01-12 15:15:00
debiancve
debiancve
CVE-2022-3109
2022-12-16 15:15:00
CVE-2022-3964
2022-11-13 08:15:00
CVE-2022-3341
2023-01-12 15:15:00
alpinelinux
alpinelinux
CVE-2022-3964
2022-11-13 08:15:00
cnvd
cnvd
FFmpeg has an unspecified vulnerability (CNVD-2022-78137)
2022-11-15 00:00:00
FFmpeg Denial of Service Vulnerability (CNVD-2023-64453)
2023-01-17 00:00:00
redos
redos
ROS-20230620-01
2023-06-20 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: ffmpeg-5.0.3-1.fc36
2023-04-22 01:12:24
gentoo
gentoo
FFmpeg: Multiple Vulnerabilities
2023-12-23 00:00:00

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.002 Low

EPSS

Percentile

52.6%

JSON
Related for FAF7C1D0-F5BB-47B4-A6A8-EF57317B9766
nessus12ubuntu1rosalinux1cloudfoundry1openvas16osv6debian2veracode3cve3mageia2ubuntucve3prion3debiancve3alpinelinux1cnvd2redos1fedora1gentoo1