Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
Typeapk
Namespacealpine
Nameffmpeg
Version8.0-r0
Qualifiers
arch armv7
distroversion v3.23
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1kt8-snqa-5ygv
vulnerability_id VCID-1kt8-snqa-5ygv
summary A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6602
reference_id
reference_type
scores
0
value 0.00163
scoring_system epss
scoring_elements 0.37253
published_at 2026-04-13T12:55:00Z
1
value 0.00163
scoring_system epss
scoring_elements 0.37388
published_at 2026-04-02T12:55:00Z
2
value 0.00163
scoring_system epss
scoring_elements 0.37282
published_at 2026-04-18T12:55:00Z
3
value 0.00163
scoring_system epss
scoring_elements 0.37299
published_at 2026-04-16T12:55:00Z
4
value 0.00163
scoring_system epss
scoring_elements 0.37412
published_at 2026-04-04T12:55:00Z
5
value 0.00163
scoring_system epss
scoring_elements 0.3724
published_at 2026-04-07T12:55:00Z
6
value 0.00163
scoring_system epss
scoring_elements 0.37291
published_at 2026-04-08T12:55:00Z
7
value 0.00163
scoring_system epss
scoring_elements 0.37303
published_at 2026-04-09T12:55:00Z
8
value 0.00163
scoring_system epss
scoring_elements 0.37314
published_at 2026-04-11T12:55:00Z
9
value 0.00163
scoring_system epss
scoring_elements 0.37281
published_at 2026-04-12T12:55:00Z
10
value 0.00196
scoring_system epss
scoring_elements 0.41521
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6602
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6602
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6602
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2334338
reference_id show_bug.cgi?id=2334338
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-31T15:00:28Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2334338
fixed_packages
0
url pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@7.1.1-r0%3Farch=armv7&distroversion=v3.23&reponame=community
1
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2023-6602
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1kt8-snqa-5ygv
1
url VCID-1way-v9uz-c3fq
vulnerability_id VCID-1way-v9uz-c3fq
summary FFmpeg: FFmpeg: Out-of-bounds NUL-byte write in MPEG-DASH manifest handling
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59728.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59728.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59728
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.04849
published_at 2026-04-02T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.04993
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.0489
published_at 2026-04-13T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.0484
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.04847
published_at 2026-04-18T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.04875
published_at 2026-04-04T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.04893
published_at 2026-04-07T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.0493
published_at 2026-04-08T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.04946
published_at 2026-04-09T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.04929
published_at 2026-04-11T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04909
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59728
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401803
reference_id 2401803
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401803
4
reference_url https://issuetracker.google.com/433502298
reference_id 433502298
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-08T03:55:09Z/
url https://issuetracker.google.com/433502298
5
reference_url https://usn.ubuntu.com/7982-1/
reference_id USN-7982-1
reference_type
scores
url https://usn.ubuntu.com/7982-1/
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-59728
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1way-v9uz-c3fq
2
url VCID-5mvh-utfm-6kd8
vulnerability_id VCID-5mvh-utfm-6kd8
summary FFmpeg: FFmpeg: Integer underflow in DHAV file header parsing leads to out-of-bounds read
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59729.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59729.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59729
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05714
published_at 2026-04-02T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05895
published_at 2026-04-21T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05779
published_at 2026-04-13T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05742
published_at 2026-04-16T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05751
published_at 2026-04-18T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05754
published_at 2026-04-04T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.0575
published_at 2026-04-07T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05789
published_at 2026-04-08T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05814
published_at 2026-04-09T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05793
published_at 2026-04-11T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05785
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59729
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401798
reference_id 2401798
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401798
4
reference_url https://issuetracker.google.com/433513232
reference_id 433513232
reference_type
scores
0
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T16:25:07Z/
url https://issuetracker.google.com/433513232
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-59729
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5mvh-utfm-6kd8
3
url VCID-aypg-u4ez-z3by
vulnerability_id VCID-aypg-u4ez-z3by
summary FFmpeg: FFmpeg: Use-after-free vulnerability in SANM decoding
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59734.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59734.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59734
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.04926
published_at 2026-04-02T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05066
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.04962
published_at 2026-04-13T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.04909
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.04919
published_at 2026-04-18T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.04952
published_at 2026-04-04T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.0497
published_at 2026-04-07T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05003
published_at 2026-04-08T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05019
published_at 2026-04-09T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05
published_at 2026-04-11T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04982
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59734
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401800
reference_id 2401800
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401800
4
reference_url https://issuetracker.google.com/440183164
reference_id 440183164
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-08T03:55:15Z/
url https://issuetracker.google.com/440183164
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-59734
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aypg-u4ez-z3by
4
url VCID-cpnk-whs1-6kg7
vulnerability_id VCID-cpnk-whs1-6kg7
summary A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1594
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30734
published_at 2026-04-09T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.30826
published_at 2026-04-04T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30644
published_at 2026-04-07T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30702
published_at 2026-04-08T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.30692
published_at 2026-04-12T12:55:00Z
5
value 0.00118
scoring_system epss
scoring_elements 0.30738
published_at 2026-04-11T12:55:00Z
6
value 0.00118
scoring_system epss
scoring_elements 0.30656
published_at 2026-04-18T12:55:00Z
7
value 0.00118
scoring_system epss
scoring_elements 0.30673
published_at 2026-04-16T12:55:00Z
8
value 0.00118
scoring_system epss
scoring_elements 0.30648
published_at 2026-04-13T12:55:00Z
9
value 0.00121
scoring_system epss
scoring_elements 0.31104
published_at 2026-04-21T12:55:00Z
10
value 0.00329
scoring_system epss
scoring_elements 0.55896
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1594
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1594
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1594
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://trac.ffmpeg.org/ticket/11418#comment:3
reference_id 11418#comment:3
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/
url https://trac.ffmpeg.org/ticket/11418#comment:3
4
reference_url https://vuldb.com/?ctiid.296589
reference_id ?ctiid.296589
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/
url https://vuldb.com/?ctiid.296589
5
reference_url https://ffmpeg.org/
reference_id ffmpeg.org
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/
url https://ffmpeg.org/
6
reference_url https://vuldb.com/?id.296589
reference_id ?id.296589
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/
url https://vuldb.com/?id.296589
7
reference_url https://trac.ffmpeg.org/attachment/ticket/11418/poc
reference_id poc
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/
url https://trac.ffmpeg.org/attachment/ticket/11418/poc
8
reference_url https://vuldb.com/?submit.496929
reference_id ?submit.496929
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/
url https://vuldb.com/?submit.496929
9
reference_url https://usn.ubuntu.com/7738-1/
reference_id USN-7738-1
reference_type
scores
url https://usn.ubuntu.com/7738-1/
fixed_packages
0
url pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@7.1.1-r0%3Farch=armv7&distroversion=v3.23&reponame=community
1
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-1594
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cpnk-whs1-6kg7
5
url VCID-d64g-97h2-1qcs
vulnerability_id VCID-d64g-97h2-1qcs
summary FFmpeg: FFmpeg: Heap-buffer-overflow in SANM (ANIM v0 variant) file frame decoding
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59730.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59730.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59730
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.04849
published_at 2026-04-02T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.04993
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.0489
published_at 2026-04-13T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.0484
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.04847
published_at 2026-04-18T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.04875
published_at 2026-04-04T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.04893
published_at 2026-04-07T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.0493
published_at 2026-04-08T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.04946
published_at 2026-04-09T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.04929
published_at 2026-04-11T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04909
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59730
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401802
reference_id 2401802
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401802
4
reference_url https://issuetracker.google.com/434637586
reference_id 434637586
reference_type
scores
0
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T16:22:19Z/
url https://issuetracker.google.com/434637586
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-59730
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d64g-97h2-1qcs
6
url VCID-dxkt-5xbr-zbcw
vulnerability_id VCID-dxkt-5xbr-zbcw
summary FFmpeg: FFmpeg: Heap memory corruption when decoding OpenEXR files with DWAA/DWAB compression
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59732.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59732.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59732
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.04926
published_at 2026-04-02T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05066
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.04962
published_at 2026-04-13T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.04909
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.04919
published_at 2026-04-18T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.04952
published_at 2026-04-04T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.0497
published_at 2026-04-07T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05003
published_at 2026-04-08T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05019
published_at 2026-04-09T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05
published_at 2026-04-11T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04982
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59732
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401797
reference_id 2401797
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401797
4
reference_url https://issuetracker.google.com/436510316
reference_id 436510316
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-08T03:55:13Z/
url https://issuetracker.google.com/436510316
5
reference_url https://usn.ubuntu.com/7982-1/
reference_id USN-7982-1
reference_type
scores
url https://usn.ubuntu.com/7982-1/
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-59732
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxkt-5xbr-zbcw
7
url VCID-e7ak-ahr6-wfa5
vulnerability_id VCID-e7ak-ahr6-wfa5
summary 
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data.

We read rle_raw_size from the input file at [0], we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size at [1], and then at [2] we will access entries in this buffer up to (td->xsize - 1) * (td->ysize - 1) + rle_raw_size / 2, which may exceed rle_raw_size.




We recommend upgrading to version 8.0 or beyond.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59731
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.04993
published_at 2026-04-21T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.04849
published_at 2026-04-02T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.0489
published_at 2026-04-13T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.0484
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.04847
published_at 2026-04-18T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.04875
published_at 2026-04-04T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.04893
published_at 2026-04-07T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.0493
published_at 2026-04-08T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.04946
published_at 2026-04-09T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.04929
published_at 2026-04-11T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04909
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59731
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://issuetracker.google.com/436510153
reference_id 436510153
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-08T03:55:11Z/
url https://issuetracker.google.com/436510153
3
reference_url https://usn.ubuntu.com/7982-1/
reference_id USN-7982-1
reference_type
scores
url https://usn.ubuntu.com/7982-1/
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-59731
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7ak-ahr6-wfa5
8
url VCID-hcf3-x3kz-gkaz
vulnerability_id VCID-hcf3-x3kz-gkaz
summary FFmpeg git master before commit fd1772 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-25471
reference_id
reference_type
scores
0
value 0.00129
scoring_system epss
scoring_elements 0.32228
published_at 2026-04-21T12:55:00Z
1
value 0.00129
scoring_system epss
scoring_elements 0.32243
published_at 2026-04-13T12:55:00Z
2
value 0.00129
scoring_system epss
scoring_elements 0.32278
published_at 2026-04-16T12:55:00Z
3
value 0.00129
scoring_system epss
scoring_elements 0.32258
published_at 2026-04-18T12:55:00Z
4
value 0.00129
scoring_system epss
scoring_elements 0.32372
published_at 2026-04-02T12:55:00Z
5
value 0.00129
scoring_system epss
scoring_elements 0.32409
published_at 2026-04-04T12:55:00Z
6
value 0.00129
scoring_system epss
scoring_elements 0.32234
published_at 2026-04-07T12:55:00Z
7
value 0.00129
scoring_system epss
scoring_elements 0.32282
published_at 2026-04-08T12:55:00Z
8
value 0.00129
scoring_system epss
scoring_elements 0.32312
published_at 2026-04-11T12:55:00Z
9
value 0.00129
scoring_system epss
scoring_elements 0.32274
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-25471
1
reference_url https://trac.ffmpeg.org/ticket/11417
reference_id 11417
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-20T21:02:43Z/
url https://trac.ffmpeg.org/ticket/11417
2
reference_url https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/fd1772b7475d0d5673a5dd314ee78443d0be4cf1
reference_id fd1772b7475d0d5673a5dd314ee78443d0be4cf1
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-20T21:02:43Z/
url https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/fd1772b7475d0d5673a5dd314ee78443d0be4cf1
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-25471
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcf3-x3kz-gkaz
9
url VCID-hd6u-9x7x-mke8
vulnerability_id VCID-hd6u-9x7x-mke8
summary A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6605
reference_id
reference_type
scores
0
value 0.00093
scoring_system epss
scoring_elements 0.25993
published_at 2026-04-13T12:55:00Z
1
value 0.00093
scoring_system epss
scoring_elements 0.26158
published_at 2026-04-02T12:55:00Z
2
value 0.00093
scoring_system epss
scoring_elements 0.25978
published_at 2026-04-18T12:55:00Z
3
value 0.00093
scoring_system epss
scoring_elements 0.25997
published_at 2026-04-16T12:55:00Z
4
value 0.00093
scoring_system epss
scoring_elements 0.26199
published_at 2026-04-04T12:55:00Z
5
value 0.00093
scoring_system epss
scoring_elements 0.2597
published_at 2026-04-07T12:55:00Z
6
value 0.00093
scoring_system epss
scoring_elements 0.26037
published_at 2026-04-08T12:55:00Z
7
value 0.00093
scoring_system epss
scoring_elements 0.26088
published_at 2026-04-09T12:55:00Z
8
value 0.00093
scoring_system epss
scoring_elements 0.26098
published_at 2026-04-11T12:55:00Z
9
value 0.00093
scoring_system epss
scoring_elements 0.26052
published_at 2026-04-12T12:55:00Z
10
value 0.00115
scoring_system epss
scoring_elements 0.30012
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6605
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6605
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2334336
reference_id show_bug.cgi?id=2334336
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:03:36Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2334336
4
reference_url https://usn.ubuntu.com/7830-1/
reference_id USN-7830-1
reference_type
scores
url https://usn.ubuntu.com/7830-1/
fixed_packages
0
url pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@7.1.1-r0%3Farch=armv7&distroversion=v3.23&reponame=community
1
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2023-6605
risk_score 3.2
exploitability 0.5
weighted_severity 6.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hd6u-9x7x-mke8
10
url VCID-k14h-eek4-s3cv
vulnerability_id VCID-k14h-eek4-s3cv
summary A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22919
reference_id
reference_type
scores
0
value 0.00075
scoring_system epss
scoring_elements 0.22545
published_at 2026-04-21T12:55:00Z
1
value 0.00075
scoring_system epss
scoring_elements 0.2268
published_at 2026-04-11T12:55:00Z
2
value 0.00075
scoring_system epss
scoring_elements 0.22639
published_at 2026-04-12T12:55:00Z
3
value 0.00075
scoring_system epss
scoring_elements 0.22584
published_at 2026-04-13T12:55:00Z
4
value 0.00075
scoring_system epss
scoring_elements 0.22598
published_at 2026-04-16T12:55:00Z
5
value 0.00075
scoring_system epss
scoring_elements 0.22595
published_at 2026-04-18T12:55:00Z
6
value 0.00075
scoring_system epss
scoring_elements 0.22531
published_at 2026-04-07T12:55:00Z
7
value 0.00075
scoring_system epss
scoring_elements 0.22609
published_at 2026-04-08T12:55:00Z
8
value 0.00075
scoring_system epss
scoring_elements 0.22662
published_at 2026-04-09T12:55:00Z
9
value 0.00079
scoring_system epss
scoring_elements 0.23503
published_at 2026-04-02T12:55:00Z
10
value 0.00079
scoring_system epss
scoring_elements 0.2354
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22919
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22919
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22919
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://trac.ffmpeg.org/ticket/11385
reference_id 11385
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T21:10:35Z/
url https://trac.ffmpeg.org/ticket/11385
4
reference_url https://usn.ubuntu.com/7538-1/
reference_id USN-7538-1
reference_type
scores
url https://usn.ubuntu.com/7538-1/
fixed_packages
0
url pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@7.1.1-r0%3Farch=armv7&distroversion=v3.23&reponame=community
1
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-22919
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k14h-eek4-s3cv
11
url VCID-kcjw-jy65-hfge
vulnerability_id VCID-kcjw-jy65-hfge
summary A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6604
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24248
published_at 2026-04-13T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24405
published_at 2026-04-02T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24252
published_at 2026-04-18T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24264
published_at 2026-04-16T12:55:00Z
4
value 0.00083
scoring_system epss
scoring_elements 0.24437
published_at 2026-04-04T12:55:00Z
5
value 0.00083
scoring_system epss
scoring_elements 0.2422
published_at 2026-04-07T12:55:00Z
6
value 0.00083
scoring_system epss
scoring_elements 0.24287
published_at 2026-04-08T12:55:00Z
7
value 0.00083
scoring_system epss
scoring_elements 0.2433
published_at 2026-04-09T12:55:00Z
8
value 0.00083
scoring_system epss
scoring_elements 0.24348
published_at 2026-04-11T12:55:00Z
9
value 0.00083
scoring_system epss
scoring_elements 0.24305
published_at 2026-04-12T12:55:00Z
10
value 0.001
scoring_system epss
scoring_elements 0.27547
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6604
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6604
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2334337
reference_id show_bug.cgi?id=2334337
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:05:31Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2334337
fixed_packages
0
url pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@7.1.1-r0%3Farch=armv7&distroversion=v3.23&reponame=community
1
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2023-6604
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcjw-jy65-hfge
12
url VCID-ns8d-144c-zqd5
vulnerability_id VCID-ns8d-144c-zqd5
summary A heap buffer overflow vulnerability in FFmpeg before commit 4bf784c allows attackers to trigger a memory corruption via supplying a crafted media file in avformat when processing tile grid group streams. This can lead to a Denial of Service (DoS).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22920
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31631
published_at 2026-04-09T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31601
published_at 2026-04-08T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.31549
published_at 2026-04-07T12:55:00Z
3
value 0.0013
scoring_system epss
scoring_elements 0.32621
published_at 2026-04-04T12:55:00Z
4
value 0.0013
scoring_system epss
scoring_elements 0.32584
published_at 2026-04-02T12:55:00Z
5
value 0.00155
scoring_system epss
scoring_elements 0.36238
published_at 2026-04-21T12:55:00Z
6
value 0.00155
scoring_system epss
scoring_elements 0.36322
published_at 2026-04-11T12:55:00Z
7
value 0.00155
scoring_system epss
scoring_elements 0.36285
published_at 2026-04-12T12:55:00Z
8
value 0.00155
scoring_system epss
scoring_elements 0.36261
published_at 2026-04-13T12:55:00Z
9
value 0.00155
scoring_system epss
scoring_elements 0.36306
published_at 2026-04-16T12:55:00Z
10
value 0.00155
scoring_system epss
scoring_elements 0.3629
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22920
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://trac.ffmpeg.org/ticket/11389
reference_id 11389
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T21:13:41Z/
url https://trac.ffmpeg.org/ticket/11389
3
reference_url https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/4bf784c0e5615c3f934e677d5de093a8be7da7ae
reference_id 4bf784c0e5615c3f934e677d5de093a8be7da7ae
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T21:13:41Z/
url https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/4bf784c0e5615c3f934e677d5de093a8be7da7ae
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-22920
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ns8d-144c-zqd5
13
url VCID-s89e-x3gb-n3cg
vulnerability_id VCID-s89e-x3gb-n3cg
summary A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The patch is identified as 43be8d07281caca2e88bfd8ee2333633e1fb1a13. It is recommended to apply a patch to fix this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1373
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08355
published_at 2026-04-04T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08302
published_at 2026-04-02T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08217
published_at 2026-04-18T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.0823
published_at 2026-04-16T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08334
published_at 2026-04-13T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08351
published_at 2026-04-12T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.0837
published_at 2026-04-11T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08378
published_at 2026-04-21T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08361
published_at 2026-04-08T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08298
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1373
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://trac.ffmpeg.org/ticket/11460
reference_id 11460
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:53:16Z/
url https://trac.ffmpeg.org/ticket/11460
3
reference_url https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/43be8d07281caca2e88bfd8ee2333633e1fb1a13
reference_id 43be8d07281caca2e88bfd8ee2333633e1fb1a13
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:53:16Z/
url https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/43be8d07281caca2e88bfd8ee2333633e1fb1a13
4
reference_url https://vuldb.com/?ctiid.295982
reference_id ?ctiid.295982
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:53:16Z/
url https://vuldb.com/?ctiid.295982
5
reference_url https://ffmpeg.org/
reference_id ffmpeg.org
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:53:16Z/
url https://ffmpeg.org/
6
reference_url https://vuldb.com/?id.295982
reference_id ?id.295982
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:53:16Z/
url https://vuldb.com/?id.295982
7
reference_url https://trac.ffmpeg.org/attachment/ticket/11460/poc
reference_id poc
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:53:16Z/
url https://trac.ffmpeg.org/attachment/ticket/11460/poc
8
reference_url https://vuldb.com/?submit.496930
reference_id ?submit.496930
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:53:16Z/
url https://vuldb.com/?submit.496930
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-1373
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s89e-x3gb-n3cg
14
url VCID-u45n-rr9s-ffah
vulnerability_id VCID-u45n-rr9s-ffah
summary Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C . This issue affects FFmpeg: 7.1. Issue was fixed:  https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a This issue was discovered by: Simcha Kosman
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-0518
reference_id
reference_type
scores
0
value 0.00122
scoring_system epss
scoring_elements 0.31186
published_at 2026-04-21T12:55:00Z
1
value 0.00122
scoring_system epss
scoring_elements 0.31337
published_at 2026-04-02T12:55:00Z
2
value 0.00122
scoring_system epss
scoring_elements 0.312
published_at 2026-04-13T12:55:00Z
3
value 0.00122
scoring_system epss
scoring_elements 0.31232
published_at 2026-04-16T12:55:00Z
4
value 0.00122
scoring_system epss
scoring_elements 0.31214
published_at 2026-04-18T12:55:00Z
5
value 0.00122
scoring_system epss
scoring_elements 0.31378
published_at 2026-04-04T12:55:00Z
6
value 0.00122
scoring_system epss
scoring_elements 0.31198
published_at 2026-04-07T12:55:00Z
7
value 0.00122
scoring_system epss
scoring_elements 0.31251
published_at 2026-04-08T12:55:00Z
8
value 0.00122
scoring_system epss
scoring_elements 0.31281
published_at 2026-04-09T12:55:00Z
9
value 0.00122
scoring_system epss
scoring_elements 0.31286
published_at 2026-04-11T12:55:00Z
10
value 0.00122
scoring_system epss
scoring_elements 0.31242
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-0518
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0518
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a
reference_id b5b6391d64807578ab872dc58fb8aa621dcfc38a
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-16T19:10:53Z/
url https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a
4
reference_url https://usn.ubuntu.com/7538-1/
reference_id USN-7538-1
reference_type
scores
url https://usn.ubuntu.com/7538-1/
fixed_packages
0
url pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@7.1.1-r0%3Farch=armv7&distroversion=v3.23&reponame=community
1
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-0518
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u45n-rr9s-ffah
15
url VCID-xh69-cs7h-wqb2
vulnerability_id VCID-xh69-cs7h-wqb2
summary A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audio_element_obu of the file libavformat/iamf_parse.c of the component IAMF File Handler. The manipulation of the argument num_parameters leads to memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 0526535cd58444dd264e810b2f3348b4d96cff3b. It is recommended to apply a patch to fix this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1816
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25155
published_at 2026-04-12T12:55:00Z
1
value 0.00088
scoring_system epss
scoring_elements 0.25197
published_at 2026-04-11T12:55:00Z
2
value 0.00088
scoring_system epss
scoring_elements 0.25073
published_at 2026-04-21T12:55:00Z
3
value 0.00088
scoring_system epss
scoring_elements 0.25103
published_at 2026-04-18T12:55:00Z
4
value 0.00088
scoring_system epss
scoring_elements 0.25112
published_at 2026-04-16T12:55:00Z
5
value 0.00088
scoring_system epss
scoring_elements 0.25102
published_at 2026-04-13T12:55:00Z
6
value 0.00245
scoring_system epss
scoring_elements 0.47738
published_at 2026-04-07T12:55:00Z
7
value 0.00245
scoring_system epss
scoring_elements 0.4777
published_at 2026-04-02T12:55:00Z
8
value 0.00245
scoring_system epss
scoring_elements 0.47789
published_at 2026-04-04T12:55:00Z
9
value 0.00245
scoring_system epss
scoring_elements 0.47792
published_at 2026-04-08T12:55:00Z
10
value 0.00292
scoring_system epss
scoring_elements 0.52576
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1816
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/0526535cd58444dd264e810b2f3348b4d96cff3b
reference_id 0526535cd58444dd264e810b2f3348b4d96cff3b
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/
url https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/0526535cd58444dd264e810b2f3348b4d96cff3b
3
reference_url https://trac.ffmpeg.org/ticket/11475
reference_id 11475
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/
url https://trac.ffmpeg.org/ticket/11475
4
reference_url https://vuldb.com/?ctiid.298089
reference_id ?ctiid.298089
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/
url https://vuldb.com/?ctiid.298089
5
reference_url https://ffmpeg.org/
reference_id ffmpeg.org
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/
url https://ffmpeg.org/
6
reference_url https://vuldb.com/?id.298089
reference_id ?id.298089
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/
url https://vuldb.com/?id.298089
7
reference_url https://trac.ffmpeg.org/attachment/ticket/11475/poc
reference_id poc
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/
url https://trac.ffmpeg.org/attachment/ticket/11475/poc
8
reference_url https://vuldb.com/?submit.506575
reference_id ?submit.506575
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/
url https://vuldb.com/?submit.506575
9
reference_url https://usn.ubuntu.com/7538-1/
reference_id USN-7538-1
reference_type
scores
url https://usn.ubuntu.com/7538-1/
fixed_packages
0
url pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@7.1.1-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@7.1.1-r0%3Farch=armv7&distroversion=v3.23&reponame=community
1
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-1816
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xh69-cs7h-wqb2
16
url VCID-zd2k-2pb2-y7gz
vulnerability_id VCID-zd2k-2pb2-y7gz
summary FFmpeg: FFmpeg: Buffer overflow in OpenEXR DWAA/DWAB decoding
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59733.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59733.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59733
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05757
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05936
published_at 2026-04-21T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05816
published_at 2026-04-13T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05782
published_at 2026-04-16T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05789
published_at 2026-04-18T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05796
published_at 2026-04-04T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.0579
published_at 2026-04-07T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05829
published_at 2026-04-08T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05853
published_at 2026-04-09T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05832
published_at 2026-04-11T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05823
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59733
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401799
reference_id 2401799
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401799
4
reference_url https://issuetracker.google.com/436511754
reference_id 436511754
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-08T03:55:14Z/
url https://issuetracker.google.com/436511754
5
reference_url https://usn.ubuntu.com/7982-1/
reference_id USN-7982-1
reference_type
scores
url https://usn.ubuntu.com/7982-1/
fixed_packages
0
url pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@8.0-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2025-59733
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zd2k-2pb2-y7gz
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@8.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community