Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:alpm/archlinux/faad2@2.7-4
purl pkg:alpm/archlinux/faad2@2.7-4
Next non-vulnerable version 2.8.1-1
Latest non-vulnerable version 2.10.0-1
Risk 4.0
Vulnerabilities affecting this package (11)
Vulnerability Summary Fixed by
VCID-137n-d6bn-pucd
Aliases:
CVE-2017-9255
The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-2qkx-5mua-qbfh
Aliases:
CVE-2017-9219
The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-53bt-akgh-nkb8
Aliases:
CVE-2017-9256
The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-8rem-57bh-tffv
Aliases:
CVE-2017-9257
The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-b2jx-kqkj-t7a3
Aliases:
CVE-2017-9253
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-chcg-rgqj-53bz
Aliases:
CVE-2017-9221
The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-g81z-k4p8-kkfy
Aliases:
CVE-2017-9218
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-hdpz-xtwf-pucb
Aliases:
CVE-2017-9223
The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-he5k-ga6q-tqch
Aliases:
CVE-2017-9254
The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-rjqt-nghm-euab
Aliases:
CVE-2017-9222
The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
VCID-vbv2-cdkz-7qe8
Aliases:
CVE-2017-9220
The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted mp4 file.
2.8.1-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T18:26:14.238351+00:00 Arch Linux Importer Affected by VCID-g81z-k4p8-kkfy https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.216006+00:00 Arch Linux Importer Affected by VCID-2qkx-5mua-qbfh https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.195485+00:00 Arch Linux Importer Affected by VCID-vbv2-cdkz-7qe8 https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.174864+00:00 Arch Linux Importer Affected by VCID-chcg-rgqj-53bz https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.151593+00:00 Arch Linux Importer Affected by VCID-rjqt-nghm-euab https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.130646+00:00 Arch Linux Importer Affected by VCID-hdpz-xtwf-pucb https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.108501+00:00 Arch Linux Importer Affected by VCID-b2jx-kqkj-t7a3 https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.085738+00:00 Arch Linux Importer Affected by VCID-he5k-ga6q-tqch https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.065338+00:00 Arch Linux Importer Affected by VCID-137n-d6bn-pucd https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.045285+00:00 Arch Linux Importer Affected by VCID-53bt-akgh-nkb8 https://security.archlinux.org/AVG-328 38.0.0
2026-04-01T18:26:14.024390+00:00 Arch Linux Importer Affected by VCID-8rem-57bh-tffv https://security.archlinux.org/AVG-328 38.0.0