ffmpeg-4-4.4.7-2.1 on GA media (moderate)

ffmpeg-4-4.4.7-2.1 on GA media Announcement ID: openSUSE-SU-2026:10866-1 Rating: moderate Cross-References: CVE-2024-35366 CVE-2025-10256 CVE-2025-1594 CVE-2025-9951 CVSS scores: CVE-2024-35366 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2024-35366 SUSE : 6.9...

CVE-2025-9951 vulnerabilities

Vulnerabilities for packages: ffmpeg...

FFmpeg < 8.0 Heap-Buffer-Overflow

The version of FFmpeg installed on the remote host is prior to 8.0. It is, therefore, affected by a vulnerability: - A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition...

CVE-2025-9951

A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition cdef atom of JPEG2000...

CVE-2025-9951

creationtimestamp| type| source ---|---|--- 2025-09-09 10:13:32+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lyfib7esup2h 2025-09-09 15:38:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyg2gccglc2d...