Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/ffmpeg@7:3.2.5-1?distro=trixie
purl pkg:deb/debian/ffmpeg@7:3.2.5-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-f3jf-6qya-nuht The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not exclude the CHUNKY format, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. CVE-2017-9996
VCID-n417-8xsr-nuhx Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. CVE-2017-9991
VCID-pyw4-6cjy-6ken security update CVE-2017-9992
VCID-u9w6-aeku-akav libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the vp8_decode_mb_row_no_filter and pred8x8_128_dc_8_c functions. CVE-2017-9994

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:44:47.547829+00:00 Debian Importer Fixing VCID-n417-8xsr-nuhx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:38:35.267573+00:00 Debian Importer Fixing VCID-u9w6-aeku-akav https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:01:05.116220+00:00 Debian Importer Fixing VCID-pyw4-6cjy-6ken https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:51:31.409655+00:00 Debian Importer Fixing VCID-f3jf-6qya-nuht https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:44:26.381666+00:00 Debian Importer Fixing VCID-n417-8xsr-nuhx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:39:48.716243+00:00 Debian Importer Fixing VCID-u9w6-aeku-akav https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:43:02.512951+00:00 Debian Importer Fixing VCID-pyw4-6cjy-6ken https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:56:59.123109+00:00 Debian Importer Fixing VCID-f3jf-6qya-nuht https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-02T17:16:03.130614+00:00 Debian Importer Fixing VCID-n417-8xsr-nuhx https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:15:43.390448+00:00 Debian Importer Fixing VCID-u9w6-aeku-akav https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:06:43.770574+00:00 Debian Importer Fixing VCID-pyw4-6cjy-6ken https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:02:56.051418+00:00 Debian Importer Fixing VCID-f3jf-6qya-nuht https://security-tracker.debian.org/tracker/data/json 38.1.0