OESA-2026-2696 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A flaw was found in...

Astra Linux – Vulnerability in ffmpeg

Before ffmpeg version 4.3, the tty demuxer did not have a ‘readprobe’ function assigned to it. By creating a legitimate “ffconcat” file that references an image, followed by a file that triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long ...

JLSEC-2025-116 Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it

Prior to ffmpeg version 4.3, the tty demuxer did not have a 'readprobe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long...

EUVD-2021-26876

Malware in sbrugna...

Unity Linux 20.1070e Security Update: ffmpeg (UTSA-2025-680631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680631 advisory. Prior to ffmpeg version 4.3, the tty demuxer did not have a 'readprobe' function assigned to it. By crafting a legitimate ffconcat file that references an image,...

EUVD-2023-58825

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-6602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS...

CVE-2021-3566

Prior to ffmpeg version 4.3, the tty demuxer did not have a 'readprobe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long...

CVE-2023-6602

A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists...

CVE-2023-6602

A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists...

UBUNTU-CVE-2023-6602

A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists...

CVE-2023-6602 Ffmpeg: improper handling of input format in tty demuxer of ffmpeg

A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists...

CVE-2023-6602 Ffmpeg: improper handling of input format in tty demuxer of ffmpeg

A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists...

CVE-2023-6602

CVE-2023-6602 affects FFmpeg and its TTY Demuxer, allowing potential data exfiltration through improper parsing of non-TTY input files in HLS playlists. Connected advisories confirm the issue and list FFmpeg as affected; remediation cited across sources is to upgrade FFmpeg to patched versions (e...

CVE-2023-6602

A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists...

PT-2024-15023 · FFmpeg +1 · Ffmpeg +1

Name of the Vulnerable Software and Affected Versions: FFmpeg affected versions not specified Description: A flaw was found in FFmpeg's TTY Demuxer, allowing possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists. Recommendations: At the moment, there is...

SUSE CVE-2021-3566

Prior to ffmpeg version 4.3, the tty demuxer did not have a 'readprobe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long...

USN-5167-1 ffmpeg vulnerabilities

It was discovered that FFmpeg did not properly verify certain input when processing video and audio files. An attacker could possibly use this to send specially crafted input to the application, force a division by zero, and cause a denial of service application crash. CVE-2020-20445,...

CVE-2021-3566

Prior to ffmpeg version 4.3, the tty demuxer did not have a 'readprobe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long...

CVE-2021-3566

Prior to ffmpeg version 4.3, the tty demuxer did not have a 'readprobe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long...