VulnerableCode Package Details - pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1kt8-snqa-5ygv	A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists.	CVE-2023-6602
VCID-hd6u-9x7x-mke8	A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs.	CVE-2023-6605
VCID-kcjw-jy65-hfge	A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.	CVE-2023-6604

Vulnerability

Summary

Aliases

VCID-1kt8-snqa-5ygv

A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists.

CVE-2023-6602

VCID-hd6u-9x7x-mke8

A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs.

CVE-2023-6605

VCID-kcjw-jy65-hfge

A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.

CVE-2023-6604

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T10:42:14.879937+00:00	Debian Importer	Fixing	VCID-hd6u-9x7x-mke8	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:20:37.091090+00:00	Debian Importer	Fixing	VCID-kcjw-jy65-hfge	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:06:24.203939+00:00	Debian Importer	Fixing	VCID-1kt8-snqa-5ygv	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:14:24.832504+00:00	Debian Importer	Fixing	VCID-hd6u-9x7x-mke8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:57:52.323650+00:00	Debian Importer	Fixing	VCID-kcjw-jy65-hfge	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:06:03.990996+00:00	Debian Importer	Fixing	VCID-1kt8-snqa-5ygv	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:09:08.940600+00:00	Debian Importer	Fixing	VCID-hd6u-9x7x-mke8	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:07:46.748310+00:00	Debian Importer	Fixing	VCID-kcjw-jy65-hfge	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:03:50.818501+00:00	Debian Importer	Fixing	VCID-1kt8-snqa-5ygv	https://security-tracker.debian.org/tracker/data/json	38.1.0