Search for packages
| purl | pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-352p-mxyy-k3bu
Aliases: CVE-2025-22921 |
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-e9kf-tzg8-9bht | FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread. |
CVE-2024-36615
|
| VCID-grh1-jxmf-dqdv | In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in undefined behavior or crashes during the decoding process. |
CVE-2024-35369
|
| VCID-mun9-fyvn-8kfs | A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions. |
CVE-2023-6601
|
| VCID-ns98-tu4j-sfd5 | FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. |
CVE-2024-31578
|
| VCID-uakc-kpg5-2ug5 | Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component. |
CVE-2023-49528
|
| VCID-wrb6-w8ps-uuge | ffmpeg: NULL pointer dereference in Firequalizer filter (libavfilter/af_firequalizer.c) |
CVE-2025-10256
|