CVE-2019-9721

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

CVE-2019-9718

In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkuptoass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

CVE-2019-9718

CVE-2019-9718 is a DoS in FFmpeg’s subtitle decoder, affecting FFmpeg 3.2 and 4.1 via the Matroska subtitle path. The root cause is a complex format string in ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c that enables consuming excessive CPU when parsing crafted Matroska subtitles. Public ad...

FFmpeg 'ff_htmlmarkup_to_ass' function denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ffhtmlmarkuptoass' function in the libavcodec/htmlsubtitles.c file of the subtitle decoder in FFmpeg version 4.1. A remote attacker can exploit this...

CVE-2019-9721

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

UBUNTU-CVE-2018-20001

In Libav 12.3, there is a floating point exception in the rangedecodeculshift function called from rangedecodebits in libavcodec/apedec.c that will lead to remote denial of service via crafted input...

PT-2018-14821 · FFmpeg · Libav

Name of the Vulnerable Software and Affected Versions: Libav version 12.3 Description: A NULL pointer dereference issue in the ff mpa synth filter float function in libavcodec/mpegaudiodsp template.c can cause a segmentation fault, leading to an application crash, when processing a crafted mov...

Ffmpeg Denial of Service Vulnerability (CNVD-2018-12758)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in libavcodec in FFmpeg version 4.0.1, which is caused by the program failing to properly maintain consistency between the context profile field and the...

CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

UBUNTU-CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

DEBIAN-CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

Design/Logic Flaw

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

CVE-2018-13304

In FFmpeg 4.0.1, the vulnerability CVE-2018-13304 stems from improper maintenance of consistency between the context profile field and studio_profile in libavcodec. This can trigger an assertion failure during conversion of a crafted AVI file to MPEG-4, potentially causing a denial of service. Af...

CVE-2018-13305

In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1putblocksclamped function in libavcodec/vc1block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service...

CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

libbpg libavcodec Buffer Overflow Vulnerability

libbpg is a new image format library. libavcodec is one of the general-purpose encoding/decoding libraries. A buffer overflow vulnerability exists in the 'restoretqbpixels' function in the hevcfilter.c file of libavcodec in libbpg version 0.9.8 and other products. A remote attacker could exploit...

FFmpeg Libavcodec Denial of Service Vulnerability

FFmpeg is the FFmpeg team's complete solution for recording, converting, and streaming audio and video. libavcodec is one of the general-purpose encoding/decoding libraries. A security vulnerability exists in Libavcode in FFmpeg. The vulnerability can be exploited to cause a denial of service nul...

FFmpeg Denial of Service Vulnerability (CNVD-2018-23869)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'mpeg4encodegopheader' function in the libavcodec/mpeg4videoenc.c file in FFmpeg. An attacker can exploit this vulnerability to cause a denial of...