Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie

Type deb

Namespace debian

Name ffmpeg

Version 7:5.1.7-0+deb12u1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 7:6.0-4

Latest_non_vulnerable_version 7:8.1-3

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1kt8-snqa-5ygv

vulnerability_id VCID-1kt8-snqa-5ygv

summary A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6602

reference_id

reference_type

scores

value	0.00163
scoring_system	epss
scoring_elements	0.37253
published_at	2026-04-13T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37388
published_at	2026-04-02T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37282
published_at	2026-04-18T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37299
published_at	2026-04-16T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37412
published_at	2026-04-04T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.3724
published_at	2026-04-07T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37291
published_at	2026-04-08T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37303
published_at	2026-04-09T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37314
published_at	2026-04-11T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37281
published_at	2026-04-12T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41414
published_at	2026-04-24T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41521
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6602

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2334338

reference_id

show_bug.cgi?id=2334338

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-31T15:00:28Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2334338

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.9-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.1-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2023-6602

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1kt8-snqa-5ygv

url VCID-1vbq-3ve8-dbdr

vulnerability_id VCID-1vbq-3ve8-dbdr

summary FFmpeg: NULL Pointer Dereference in FFmpeg ALS Decoder (libavcodec/alsdec.c)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7700.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7700.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-7700

reference_id

reference_type

scores

value	0.00088
scoring_system	epss
scoring_elements	0.25095
published_at	2026-04-08T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25027
published_at	2026-04-07T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.2514
published_at	2026-04-09T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25155
published_at	2026-04-11T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25113
published_at	2026-04-12T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.2506
published_at	2026-04-13T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25071
published_at	2026-04-16T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25825
published_at	2026-04-02T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25868
published_at	2026-04-04T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.2839
published_at	2026-04-18T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28211
published_at	2026-04-24T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28337
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-7700

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7700
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7700

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2380420

reference_id

2380420

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-07T19:07:55Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2380420

reference_url

https://access.redhat.com/security/cve/CVE-2025-7700

reference_id

CVE-2025-7700

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-07T19:07:55Z/

url

https://access.redhat.com/security/cve/CVE-2025-7700

reference_url	https://usn.ubuntu.com/7830-1/
reference_id	USN-7830-1
reference_type
scores
url	https://usn.ubuntu.com/7830-1/

reference_url	https://usn.ubuntu.com/7871-1/
reference_id	USN-7871-1
reference_type
scores
url	https://usn.ubuntu.com/7871-1/

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.9-0%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2025-7700

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1vbq-3ve8-dbdr

url VCID-dxkt-5xbr-zbcw

vulnerability_id VCID-dxkt-5xbr-zbcw

summary FFmpeg: FFmpeg: Heap memory corruption when decoding OpenEXR files with DWAA/DWAB compression

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59732.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59732.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-59732

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.04926
published_at	2026-04-02T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05098
published_at	2026-04-24T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04909
published_at	2026-04-16T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04919
published_at	2026-04-18T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05066
published_at	2026-04-21T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04952
published_at	2026-04-04T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.0497
published_at	2026-04-07T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05003
published_at	2026-04-08T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05019
published_at	2026-04-09T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05
published_at	2026-04-11T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04982
published_at	2026-04-12T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04962
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-59732

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2401797
reference_id	2401797
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2401797

reference_url

https://issuetracker.google.com/436510316

reference_id

436510316

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-08T03:55:13Z/

url

https://issuetracker.google.com/436510316

reference_url	https://usn.ubuntu.com/7982-1/
reference_id	USN-7982-1
reference_type
scores
url	https://usn.ubuntu.com/7982-1/

fixed_packages

url	pkg:deb/debian/ffmpeg@0?distro=trixie
purl	pkg:deb/debian/ffmpeg@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@0%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2025-59732

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxkt-5xbr-zbcw

url VCID-e7ak-ahr6-wfa5

vulnerability_id VCID-e7ak-ahr6-wfa5

summary

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data.

We read rle_raw_size from the input file at [0], we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size at [1], and then at [2] we will access entries in this buffer up to (td->xsize - 1) * (td->ysize - 1) + rle_raw_size / 2, which may exceed rle_raw_size.




We recommend upgrading to version 8.0 or beyond.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-59731

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.05023
published_at	2026-04-24T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04849
published_at	2026-04-02T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.0484
published_at	2026-04-16T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04847
published_at	2026-04-18T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04993
published_at	2026-04-21T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04875
published_at	2026-04-04T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04893
published_at	2026-04-07T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.0493
published_at	2026-04-08T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04946
published_at	2026-04-09T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04929
published_at	2026-04-11T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04909
published_at	2026-04-12T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.0489
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-59731

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://issuetracker.google.com/436510153

reference_id

436510153

reference_type

scores

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-08T03:55:11Z/

url

https://issuetracker.google.com/436510153

reference_url	https://usn.ubuntu.com/7982-1/
reference_id	USN-7982-1
reference_type
scores
url	https://usn.ubuntu.com/7982-1/

fixed_packages

url	pkg:deb/debian/ffmpeg@0?distro=trixie
purl	pkg:deb/debian/ffmpeg@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@0%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2025-59731

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7ak-ahr6-wfa5

url VCID-fw45-nn58-8khp

vulnerability_id VCID-fw45-nn58-8khp

summary FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50007

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.04924
published_at	2026-04-04T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04899
published_at	2026-04-02T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05072
published_at	2026-04-24T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05042
published_at	2026-04-21T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04894
published_at	2026-04-18T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04885
published_at	2026-04-16T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04936
published_at	2026-04-13T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04954
published_at	2026-04-12T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04973
published_at	2026-04-11T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04991
published_at	2026-04-09T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04976
published_at	2026-04-08T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.04942
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50007

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://trac.ffmpeg.org/ticket/10700

reference_id

10700

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:36:06Z/

url

https://trac.ffmpeg.org/ticket/10700

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

reference_id

6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:36:06Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

reference_url

https://github.com/FFmpeg/FFmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47

reference_id

b1942734c7cbcdc9034034373abcc9ecb9644c47

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:36:06Z/

url

https://github.com/FFmpeg/FFmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

reference_id

IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:36:06Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

reference_id

LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:36:06Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

reference_url	https://usn.ubuntu.com/6803-1/
reference_id	USN-6803-1
reference_type
scores
url	https://usn.ubuntu.com/6803-1/

fixed_packages

url	pkg:deb/debian/ffmpeg@0?distro=trixie
purl	pkg:deb/debian/ffmpeg@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@0%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.0.1-3%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2023-50007

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fw45-nn58-8khp

url VCID-gfzm-92dd-bqfm

vulnerability_id VCID-gfzm-92dd-bqfm

summary FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-31582

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.0613
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06343
published_at	2026-04-24T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06325
published_at	2026-04-21T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06174
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06163
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06204
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06214
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06219
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06227
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06188
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06146
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06161
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-31582

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

reference_id

6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-29T19:21:23Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

reference_url

https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2

reference_id

99debe5f823f45a482e1dc08de35879aa9c74bd2

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-29T19:21:23Z/

url

https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2

reference_url

https://gist.github.com/1047524396/b47d5efe3bc420fb91dbb77c73c0fff3

reference_id

b47d5efe3bc420fb91dbb77c73c0fff3

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-29T19:21:23Z/

url

https://gist.github.com/1047524396/b47d5efe3bc420fb91dbb77c73c0fff3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

reference_id

IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-29T19:21:23Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

reference_id

LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-29T19:21:23Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

reference_url	https://usn.ubuntu.com/6803-1/
reference_id	USN-6803-1
reference_type
scores
url	https://usn.ubuntu.com/6803-1/

reference_url

https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavfilter/vf_codecview.c#L220

reference_id

vf_codecview.c#L220

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-29T19:21:23Z/

url

https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavfilter/vf_codecview.c#L220

fixed_packages

url	pkg:deb/debian/ffmpeg@0?distro=trixie
purl	pkg:deb/debian/ffmpeg@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@0%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.0.1-3%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2024-31582

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfzm-92dd-bqfm

url VCID-hd6u-9x7x-mke8

vulnerability_id VCID-hd6u-9x7x-mke8

summary A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6605

reference_id

reference_type

scores

value	0.00093
scoring_system	epss
scoring_elements	0.25993
published_at	2026-04-13T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26158
published_at	2026-04-02T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.25978
published_at	2026-04-18T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.25997
published_at	2026-04-16T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26199
published_at	2026-04-04T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.2597
published_at	2026-04-07T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26037
published_at	2026-04-08T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26088
published_at	2026-04-09T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26098
published_at	2026-04-11T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26052
published_at	2026-04-12T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.29942
published_at	2026-04-24T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30012
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6605

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2334336

reference_id

show_bug.cgi?id=2334336

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:03:36Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2334336

reference_url	https://usn.ubuntu.com/7830-1/
reference_id	USN-7830-1
reference_type
scores
url	https://usn.ubuntu.com/7830-1/

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.9-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.1-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2023-6605

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hd6u-9x7x-mke8

url VCID-k14h-eek4-s3cv

vulnerability_id VCID-k14h-eek4-s3cv

summary A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-22919

reference_id

reference_type

scores

value	0.00075
scoring_system	epss
scoring_elements	0.22639
published_at	2026-04-12T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22545
published_at	2026-04-21T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22595
published_at	2026-04-18T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22598
published_at	2026-04-16T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22584
published_at	2026-04-13T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22531
published_at	2026-04-07T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22609
published_at	2026-04-08T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22662
published_at	2026-04-09T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.2268
published_at	2026-04-11T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22791
published_at	2026-04-24T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.2354
published_at	2026-04-04T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23503
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-22919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22919

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://trac.ffmpeg.org/ticket/11385

reference_id

11385

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T21:10:35Z/

url

https://trac.ffmpeg.org/ticket/11385

reference_url	https://usn.ubuntu.com/7538-1/
reference_id	USN-7538-1
reference_type
scores
url	https://usn.ubuntu.com/7538-1/

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.8-0%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.1-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2025-22919

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k14h-eek4-s3cv

url VCID-kcjw-jy65-hfge

vulnerability_id VCID-kcjw-jy65-hfge

summary A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6604

reference_id

reference_type

scores

value	0.00083
scoring_system	epss
scoring_elements	0.24248
published_at	2026-04-13T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24405
published_at	2026-04-02T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24252
published_at	2026-04-18T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24264
published_at	2026-04-16T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24437
published_at	2026-04-04T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.2422
published_at	2026-04-07T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24287
published_at	2026-04-08T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.2433
published_at	2026-04-09T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24348
published_at	2026-04-11T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24305
published_at	2026-04-12T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27507
published_at	2026-04-24T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27547
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6604

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6604
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6604

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2334337

reference_id

show_bug.cgi?id=2334337

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:05:31Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2334337

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.9-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.1-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2023-6604

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcjw-jy65-hfge

url VCID-m3u1-zn19-k3dy

vulnerability_id VCID-m3u1-zn19-k3dy

summary FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-35367

reference_id

reference_type

scores

value	0.00141
scoring_system	epss
scoring_elements	0.34351
published_at	2026-04-08T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34341
published_at	2026-04-18T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34354
published_at	2026-04-16T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34319
published_at	2026-04-13T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34343
published_at	2026-04-12T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34382
published_at	2026-04-11T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.3438
published_at	2026-04-09T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34413
published_at	2026-04-02T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34441
published_at	2026-04-04T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34307
published_at	2026-04-07T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.38896
published_at	2026-04-24T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.39106
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-35367

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35367
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35367

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/ffmpeg/ffmpeg/commit/09e6840cf7a3ee07a73c3ae88a020bf27ca1a667

reference_id

09e6840cf7a3ee07a73c3ae88a020bf27ca1a667

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T16:26:41Z/

url

https://github.com/ffmpeg/ffmpeg/commit/09e6840cf7a3ee07a73c3ae88a020bf27ca1a667

reference_url

https://gist.github.com/1047524396/9754a44845578358f6a403447c458ca4

reference_id

9754a44845578358f6a403447c458ca4

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T16:26:41Z/

url

https://gist.github.com/1047524396/9754a44845578358f6a403447c458ca4

reference_url	https://usn.ubuntu.com/7823-1/
reference_id	USN-7823-1
reference_type
scores
url	https://usn.ubuntu.com/7823-1/

reference_url

https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavcodec/ppc/vp8dsp_altivec.c#L53

reference_id

vp8dsp_altivec.c#L53

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T16:26:41Z/

url

https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavcodec/ppc/vp8dsp_altivec.c#L53

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.8-0%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.0.1-3%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2024-35367

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3u1-zn19-k3dy

url VCID-m827-r499-xubz

vulnerability_id VCID-m827-r499-xubz

summary FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-35368

reference_id

reference_type

scores

value	0.00167
scoring_system	epss
scoring_elements	0.37869
published_at	2026-04-07T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37911
published_at	2026-04-18T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37886
published_at	2026-04-13T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37912
published_at	2026-04-12T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37948
published_at	2026-04-11T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37932
published_at	2026-04-16T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37919
published_at	2026-04-08T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37966
published_at	2026-04-02T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37991
published_at	2026-04-04T12:55:00Z

value	0.00227
scoring_system	epss
scoring_elements	0.45433
published_at	2026-04-24T12:55:00Z

value	0.00227
scoring_system	epss
scoring_elements	0.45518
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-35368

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35368
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35368

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/ffmpeg/ffmpeg/commit/4513300989502090c4fd6560544dce399a8cd53c

reference_id

4513300989502090c4fd6560544dce399a8cd53c

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T16:20:01Z/

url

https://github.com/ffmpeg/ffmpeg/commit/4513300989502090c4fd6560544dce399a8cd53c

reference_url

https://gist.github.com/1047524396/7e6e47220ae2b2d2fb4611f0d8a31ec5

reference_id

7e6e47220ae2b2d2fb4611f0d8a31ec5

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T16:20:01Z/

url

https://gist.github.com/1047524396/7e6e47220ae2b2d2fb4611f0d8a31ec5

reference_url

https://github.com/FFmpeg/FFmpeg/blob/n7.0/libavcodec/rkmppdec.c#L466

reference_id

rkmppdec.c#L466

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T16:20:01Z/

url

https://github.com/FFmpeg/FFmpeg/blob/n7.0/libavcodec/rkmppdec.c#L466

reference_url	https://usn.ubuntu.com/7823-1/
reference_id	USN-7823-1
reference_type
scores
url	https://usn.ubuntu.com/7823-1/

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.8-0%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1-3%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2024-35368

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m827-r499-xubz

url VCID-n9qa-r9nt-fyc8

vulnerability_id VCID-n9qa-r9nt-fyc8

summary A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition cdef atom of JPEG2000.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-9951

reference_id

reference_type

scores

value	0.0034
scoring_system	epss
scoring_elements	0.56753
published_at	2026-04-04T12:55:00Z

value	0.0034
scoring_system	epss
scoring_elements	0.56732
published_at	2026-04-02T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61326
published_at	2026-04-12T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61258
published_at	2026-04-07T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61306
published_at	2026-04-08T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.6134
published_at	2026-04-11T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.6132
published_at	2026-04-09T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61308
published_at	2026-04-13T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68305
published_at	2026-04-24T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68271
published_at	2026-04-16T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68281
published_at	2026-04-18T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68261
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-9951

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9951
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9951

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/google/security-research/security/advisories/GHSA-39q3-f8jq-v6mg

reference_id

GHSA-39q3-f8jq-v6mg

reference_type

scores

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-09T14:20:36Z/

url

https://github.com/google/security-research/security/advisories/GHSA-39q3-f8jq-v6mg

reference_url	https://usn.ubuntu.com/7830-1/
reference_id	USN-7830-1
reference_type
scores
url	https://usn.ubuntu.com/7830-1/

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.9-0%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2025-9951

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n9qa-r9nt-fyc8

url VCID-nxsr-usgh-z3ah

vulnerability_id VCID-nxsr-usgh-z3ah

summary FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:9 component.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50008

reference_id

reference_type

scores

value	0.00031
scoring_system	epss
scoring_elements	0.08735
published_at	2026-04-08T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08687
published_at	2026-04-02T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08766
published_at	2026-04-24T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08755
published_at	2026-04-21T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08602
published_at	2026-04-18T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08613
published_at	2026-04-16T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08723
published_at	2026-04-13T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08738
published_at	2026-04-12T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.0876
published_at	2026-04-11T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08659
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50008

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://trac.ffmpeg.org/ticket/10701

reference_id

10701

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:58:00Z/

url

https://trac.ffmpeg.org/ticket/10701

reference_url

https://github.com/FFmpeg/FFmpeg/commit/5f87a68cf70dafeab2fb89b42e41a4c29053b89b

reference_id

5f87a68cf70dafeab2fb89b42e41a4c29053b89b

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:58:00Z/

url

https://github.com/FFmpeg/FFmpeg/commit/5f87a68cf70dafeab2fb89b42e41a4c29053b89b

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

reference_id

6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:58:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

reference_id

IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:58:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

reference_id

LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:58:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

reference_url	https://usn.ubuntu.com/6803-1/
reference_id	USN-6803-1
reference_type
scores
url	https://usn.ubuntu.com/6803-1/

fixed_packages

url	pkg:deb/debian/ffmpeg@0?distro=trixie
purl	pkg:deb/debian/ffmpeg@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@0%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.0.1-3%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2023-50008

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxsr-usgh-z3ah

url VCID-qr7y-vmc2-8qce

vulnerability_id VCID-qr7y-vmc2-8qce

summary Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49502

reference_id

reference_type

scores

value	0.00246
scoring_system	epss
scoring_elements	0.47894
published_at	2026-04-04T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.47873
published_at	2026-04-02T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.47887
published_at	2026-04-24T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.47904
published_at	2026-04-21T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.4795
published_at	2026-04-18T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.47955
published_at	2026-04-16T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.47901
published_at	2026-04-13T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.47892
published_at	2026-04-12T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.47914
published_at	2026-04-11T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.4789
published_at	2026-04-09T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.47895
published_at	2026-04-08T12:55:00Z

value	0.00246
scoring_system	epss
scoring_elements	0.47842
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49502

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://trac.ffmpeg.org/ticket/10688

reference_id

10688

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:52:33Z/

url

https://trac.ffmpeg.org/ticket/10688

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

reference_id

6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:52:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

reference_url

https://github.com/FFmpeg/FFmpeg

reference_id

FFmpeg

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:52:33Z/

url

https://github.com/FFmpeg/FFmpeg

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

reference_id

IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:52:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

reference_id

LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:52:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

reference_url	https://usn.ubuntu.com/6803-1/
reference_id	USN-6803-1
reference_type
scores
url	https://usn.ubuntu.com/6803-1/

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.8-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.0.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.0.1-3%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2023-49502

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qr7y-vmc2-8qce

url VCID-u45n-rr9s-ffah

vulnerability_id VCID-u45n-rr9s-ffah

summary Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C . This issue affects FFmpeg: 7.1. Issue was fixed: https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a This issue was discovered by: Simcha Kosman

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0518

reference_id

reference_type

scores

value	0.00122
scoring_system	epss
scoring_elements	0.31027
published_at	2026-04-24T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31337
published_at	2026-04-02T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31232
published_at	2026-04-16T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31214
published_at	2026-04-18T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31186
published_at	2026-04-21T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31378
published_at	2026-04-04T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31198
published_at	2026-04-07T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31251
published_at	2026-04-08T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31281
published_at	2026-04-09T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31286
published_at	2026-04-11T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31242
published_at	2026-04-12T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.312
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0518

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a

reference_id

b5b6391d64807578ab872dc58fb8aa621dcfc38a

reference_type

scores

value	4.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-16T19:10:53Z/

url

https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a

reference_url	https://usn.ubuntu.com/7538-1/
reference_id	USN-7538-1
reference_type
scores
url	https://usn.ubuntu.com/7538-1/

fixed_packages

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:4.3.8-0%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.8-0%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.1-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2025-0518

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u45n-rr9s-ffah

url VCID-zd2k-2pb2-y7gz

vulnerability_id VCID-zd2k-2pb2-y7gz

summary FFmpeg: FFmpeg: Buffer overflow in OpenEXR DWAA/DWAB decoding

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59733.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59733.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-59733

reference_id

reference_type

scores

value	0.00022
scoring_system	epss
scoring_elements	0.05757
published_at	2026-04-02T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05969
published_at	2026-04-24T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05782
published_at	2026-04-16T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05789
published_at	2026-04-18T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05936
published_at	2026-04-21T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05796
published_at	2026-04-04T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.0579
published_at	2026-04-07T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05829
published_at	2026-04-08T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05853
published_at	2026-04-09T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05832
published_at	2026-04-11T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05823
published_at	2026-04-12T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05816
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-59733

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2401799
reference_id	2401799
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2401799

reference_url

https://issuetracker.google.com/436511754

reference_id

436511754

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-08T03:55:14Z/

url

https://issuetracker.google.com/436511754

reference_url	https://usn.ubuntu.com/7982-1/
reference_id	USN-7982-1
reference_type
scores
url	https://usn.ubuntu.com/7982-1/

fixed_packages

url	pkg:deb/debian/ffmpeg@0?distro=trixie
purl	pkg:deb/debian/ffmpeg@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@0%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:5.1.7-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:7.1.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.2-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

aliases CVE-2025-59733

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zd2k-2pb2-y7gz

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.7-0%252Bdeb12u1%3Fdistro=trixie

Package Instance