Vulnerabilities affecting this package (0)
| Vulnerability |
Summary |
Fixed by |
|
This package is not known to be affected by vulnerabilities.
|
Vulnerabilities fixed by this package (8)
| Vulnerability |
Summary |
Aliases |
|
VCID-1vbq-3ve8-dbdr
|
FFmpeg: NULL Pointer Dereference in FFmpeg ALS Decoder (libavcodec/alsdec.c)
|
CVE-2025-7700
|
|
VCID-2k2f-v66d-t3h3
|
FFmpeg: Double-Free Vulnerability in FFmpeg TensorFlow DNN Backend
|
CVE-2025-12343
|
|
VCID-cpnk-whs1-6kg7
|
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
|
CVE-2025-1594
|
|
VCID-dxkt-5xbr-zbcw
|
FFmpeg: FFmpeg: Heap memory corruption when decoding OpenEXR files with DWAA/DWAB compression
|
CVE-2025-59732
|
|
VCID-e7ak-ahr6-wfa5
|
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data.
We read rle_raw_size from the input file at [0], we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size at [1], and then at [2] we will access entries in this buffer up to (td->xsize - 1) * (td->ysize - 1) + rle_raw_size / 2, which may exceed rle_raw_size.
We recommend upgrading to version 8.0 or beyond.
|
CVE-2025-59731
|
|
VCID-n9qa-r9nt-fyc8
|
A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition cdef atom of JPEG2000.
|
CVE-2025-9951
|
|
VCID-wrb6-w8ps-uuge
|
ffmpeg: NULL pointer dereference in Firequalizer filter (libavfilter/af_firequalizer.c)
|
CVE-2025-10256
|
|
VCID-zd2k-2pb2-y7gz
|
FFmpeg: FFmpeg: Buffer overflow in OpenEXR DWAA/DWAB decoding
|
CVE-2025-59733
|