Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/ffmpeg@7:2.8.2-1?distro=trixie
purl pkg:deb/debian/ffmpeg@7:2.8.2-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-gv1x-4yk7-eucv The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. CVE-2015-8216
VCID-k42r-3hax-dqcy The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2015-8219
VCID-nb1j-bc2k-sbgj The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data. CVE-2015-8217
VCID-u3s8-mvze-pkbb The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data. CVE-2015-8218

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-02T02:13:44.809004+00:00 Debian Importer Fixing VCID-nb1j-bc2k-sbgj https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T01:27:06.729263+00:00 Debian Importer Fixing VCID-u3s8-mvze-pkbb https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:27:13.905601+00:00 Debian Importer Fixing VCID-gv1x-4yk7-eucv https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T23:50:40.660841+00:00 Debian Importer Fixing VCID-k42r-3hax-dqcy https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-04-16T12:53:04.856454+00:00 Debian Importer Fixing VCID-u3s8-mvze-pkbb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:56:49.752313+00:00 Debian Importer Fixing VCID-k42r-3hax-dqcy https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:36:28.503810+00:00 Debian Importer Fixing VCID-nb1j-bc2k-sbgj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:49:08.552026+00:00 Debian Importer Fixing VCID-gv1x-4yk7-eucv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:50:43.186577+00:00 Debian Importer Fixing VCID-u3s8-mvze-pkbb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:25:25.892072+00:00 Debian Importer Fixing VCID-k42r-3hax-dqcy https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:10:07.519884+00:00 Debian Importer Fixing VCID-nb1j-bc2k-sbgj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:33:39.739363+00:00 Debian Importer Fixing VCID-gv1x-4yk7-eucv https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-02T17:16:27.997843+00:00 Debian Importer Fixing VCID-u3s8-mvze-pkbb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:09:55.886025+00:00 Debian Importer Fixing VCID-k42r-3hax-dqcy https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:08:46.618475+00:00 Debian Importer Fixing VCID-nb1j-bc2k-sbgj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:06:01.394512+00:00 Debian Importer Fixing VCID-gv1x-4yk7-eucv https://security-tracker.debian.org/tracker/data/json 38.1.0