6 matches found
OESA-2026-2665 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: When calculating the...
CVE-2026-44353 Streamlink: Arbitrary local file read via file:// URI in HLS and DASH
Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the resolvecontentpath process. An attacker can cause a write operation to occur one byte past the end of a heap-allocated buffer by crafting a specially designed MPEG-DASH manifest that triggers the appending of ...
FFmpeg 安全漏洞
FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg that stems from an out-of-bounds NUL byte write in the content path calculation when processing MPEG-DASH manifests, which could lead to memory...
PT-2025-40874
Name of the Vulnerable Software and Affected Versions Software versions prior to 8.0 Description An issue exists in the handling of MPEG-DASH manifests where an out-of-bounds NUL-byte write occurs one byte past the end of the buffer. This happens during the calculation of the content path. The...
Null Pointer Deference
libgpac.so is vulnerable to Null Pointer Deference. The vulnerability is due to the gfdashsetupperiod function within dashclient.c which has no validation when parsing DASH manifest files to ensure values are non-null before accessing their properties. This flaw allow attackers to craft malicious...