Lucene search
Veracode Vulnerability DatabaseVERACODE:38593HistoryDec 24, 2022 - 12:21 p.m.
Denial Of Service (DoS)
2022-12-2412:21:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
ffmpeg
vulnerability
denial of service
0.001 Low
EPSS
Percentile
50.2%
ffmpeg is vulnerable to denial of service (DoS) attacks. Lack of checks for the return value of av_malloc() in vp3_decode_frame in libavcodec/vp3.c causes a null pointer dereference, resulting a denial of service conditions.
References
bugzilla.redhat.com/show_bug.cgi?id=2153551
github.com/FFmpeg/FFmpeg/commit/656cb0450aeb73b25d7d26980af342b37ac4c568
lists.debian.org/debian-lts-announce/2023/06/msg00016.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KOMB6WRUC55VWV25IKJTV22KARBUGWGQ/
lists.fedoraproject.org/archives/list/[email protected]/message/KOMB6WRUC55VWV25IKJTV22KARBUGWGQ/
security-tracker.debian.org/tracker/CVE-2022-3109
www.debian.org/security/2023/dsa-5394
Related
nvd
nvd
CVE-2022-3109
2022-12-16 15:15:09
openvas
openvas
openSUSE: Security Advisory for ffmpeg (SUSE-SU-2023:0008-1)
2024-03-04 00:00:00
Mageia: Security Advisory (MGASA-2023-0004)
2023-03-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0007-1)
2023-01-03 00:00:00
cvelist
cvelist
CVE-2022-3109
2022-12-16 00:00:00
debiancve
debiancve
CVE-2022-3109
2022-12-16 15:15:09
prion
prion
Null pointer dereference
2022-12-16 15:15:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : ffmpeg-4 (SUSE-SU-2023:0008-1)
2023-01-03 00:00:00
Debian DSA-5394-1 : ffmpeg - security update
2023-05-01 00:00:00
SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2023:0007-1)
2023-01-03 00:00:00
osv
osv
ffmpeg - security update
2023-04-30 00:00:00
CVE-2022-3109
2022-12-16 15:15:09
ffmpeg - security update
2023-06-13 00:00:00
ubuntucve
ubuntucve
CVE-2022-3109
2022-12-16 00:00:00
cve
cve
CVE-2022-3109
2022-12-16 15:15:09
debian
debian
[SECURITY] [DSA 5394-1] ffmpeg security update
2023-04-30 19:03:39
[SECURITY] [DLA 3454-1] ffmpeg security update
2023-06-13 15:17:45
mageia
mageia
Updated ffmpeg packages fix security vulnerability
2023-01-13 20:37:09
fedora
fedora
[SECURITY] Fedora 36 Update: ffmpeg-5.0.3-1.fc36
2023-04-22 01:12:24
freebsd
freebsd
ffmpeg -- multiple vulnerabilities
2022-11-12 00:00:00
cloudfoundry
cloudfoundry
USN-5958-1: FFmpeg vulnerabilities | Cloud Foundry
2023-05-25 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2277
2023-10-22 06:34:44
ubuntu
ubuntu
FFmpeg vulnerabilities
2023-03-16 00:00:00