Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/ffmpeg@7:2.8.3-1?distro=trixie

Type deb

Namespace debian

Name ffmpeg

Version 7:2.8.3-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 7:2.8.4-1

Latest_non_vulnerable_version 7:8.1.1-3

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7zah-3c5m-wygh

vulnerability_id VCID-7zah-3c5m-wygh

summary security update

references

reference_url	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4a9af07a49295e014b059c1ab624c40345af5892
reference_id
reference_type
scores
url	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4a9af07a49295e014b059c1ab624c40345af5892

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00118.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00118.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8365

reference_id

reference_type

scores

value	0.00536
scoring_system	epss
scoring_elements	0.67419
published_at	2026-04-01T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67582
published_at	2026-05-11T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67607
published_at	2026-05-12T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67455
published_at	2026-04-07T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67476
published_at	2026-04-04T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67506
published_at	2026-04-08T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67521
published_at	2026-04-09T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67543
published_at	2026-04-11T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.6753
published_at	2026-04-12T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67497
published_at	2026-04-13T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67533
published_at	2026-04-16T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67545
published_at	2026-04-18T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67524
published_at	2026-04-21T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67544
published_at	2026-04-24T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67554
published_at	2026-04-26T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67556
published_at	2026-04-29T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67529
published_at	2026-05-05T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67573
published_at	2026-05-07T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67611
published_at	2026-05-09T12:55:00Z

value	0.00625
scoring_system	epss
scoring_elements	0.70358
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9992

reference_url	http://www.debian.org/security/2017/dsa-4012
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-4012

reference_url	http://www.ubuntu.com/usn/USN-2944-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2944-1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806519
reference_id	806519
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806519

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.0:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.0:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8365

reference_id

CVE-2015-8365

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8365

reference_url	https://usn.ubuntu.com/2944-1/
reference_id	USN-2944-1
reference_type
scores
url	https://usn.ubuntu.com/2944-1/

fixed_packages

url	pkg:deb/debian/ffmpeg@7:2.8.3-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:2.8.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:2.8.3-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1.1-3%3Fdistro=trixie

aliases CVE-2015-8365

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7zah-3c5m-wygh

url VCID-896h-63ya-bkdx

vulnerability_id VCID-896h-63ya-bkdx

summary The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via a crafted image with two or more of these markers.

references

reference_url	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=44a7f17d0b20e6f8d836b2957e3e357b639f19a2
reference_id
reference_type
scores
url	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=44a7f17d0b20e6f8d836b2957e3e357b639f19a2

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00118.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00118.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8363

reference_id

reference_type

scores

value	0.00485
scoring_system	epss
scoring_elements	0.6553
published_at	2026-05-14T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65278
published_at	2026-04-01T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65327
published_at	2026-04-02T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65353
published_at	2026-04-04T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65317
published_at	2026-04-07T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65369
published_at	2026-04-08T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.6538
published_at	2026-04-09T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65399
published_at	2026-04-11T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65386
published_at	2026-04-12T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65358
published_at	2026-04-13T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65394
published_at	2026-04-16T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65404
published_at	2026-04-18T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65389
published_at	2026-04-21T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65406
published_at	2026-04-24T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65418
published_at	2026-04-26T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65414
published_at	2026-04-29T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65393
published_at	2026-05-05T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65438
published_at	2026-05-07T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65483
published_at	2026-05-09T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65453
published_at	2026-05-11T12:55:00Z

value	0.00485
scoring_system	epss
scoring_elements	0.65474
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8363

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8363

reference_url	https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806519
reference_id	806519
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806519

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.0:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.0:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8363

reference_id

CVE-2015-8363

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8363

fixed_packages

url	pkg:deb/debian/ffmpeg@7:2.8.3-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:2.8.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:2.8.3-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1.1-3%3Fdistro=trixie

aliases CVE-2015-8363

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-896h-63ya-bkdx

url VCID-b7qy-3n8b-akb3

vulnerability_id VCID-b7qy-3n8b-akb3

summary Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via crafted image dimensions in Indeo Video Interactive data.

references

reference_url	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=df91aa034b82b77a3c4e01791f4a2b2ff6c82066
reference_id
reference_type
scores
url	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=df91aa034b82b77a3c4e01791f4a2b2ff6c82066

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00118.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00118.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8364

reference_id

reference_type

scores

value	0.00582
scoring_system	epss
scoring_elements	0.68871
published_at	2026-04-01T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.69091
published_at	2026-05-09T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.69083
published_at	2026-05-12T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68889
published_at	2026-04-02T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.6891
published_at	2026-04-04T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.6889
published_at	2026-04-07T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68941
published_at	2026-04-08T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.6896
published_at	2026-04-09T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68982
published_at	2026-04-11T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68968
published_at	2026-04-12T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68938
published_at	2026-04-13T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.6898
published_at	2026-04-16T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.6899
published_at	2026-04-18T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68969
published_at	2026-04-21T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.69021
published_at	2026-04-24T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.69028
published_at	2026-04-26T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.69034
published_at	2026-04-29T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.69016
published_at	2026-05-05T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.69058
published_at	2026-05-11T12:55:00Z

value	0.00666
scoring_system	epss
scoring_elements	0.71442
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8364

reference_url	https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html

reference_url	http://www.ubuntu.com/usn/USN-2944-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2944-1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806519
reference_id	806519
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806519

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.0:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.0:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:::::::*
reference_id	cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8364

reference_id

CVE-2015-8364

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8364

reference_url	https://usn.ubuntu.com/2944-1/
reference_id	USN-2944-1
reference_type
scores
url	https://usn.ubuntu.com/2944-1/

fixed_packages

url	pkg:deb/debian/ffmpeg@7:2.8.3-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:2.8.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:2.8.3-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1.1-3%3Fdistro=trixie

aliases CVE-2015-8364

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b7qy-3n8b-akb3

url VCID-gb6n-8hj8-6qeb

vulnerability_id VCID-gb6n-8hj8-6qeb

summary The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data.

references

reference_url	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5
reference_id
reference_type
scores
url	http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00004.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8661

reference_id

reference_type

scores

value	0.00683
scoring_system	epss
scoring_elements	0.71826
published_at	2026-05-14T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71768
published_at	2026-05-12T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71593
published_at	2026-04-01T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71599
published_at	2026-04-02T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71617
published_at	2026-04-04T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.7159
published_at	2026-04-07T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.7163
published_at	2026-04-08T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.7164
published_at	2026-04-09T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71664
published_at	2026-04-11T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71647
published_at	2026-04-12T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71629
published_at	2026-04-13T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71672
published_at	2026-04-16T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71678
published_at	2026-04-18T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.7166
published_at	2026-04-21T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.7171
published_at	2026-04-24T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71714
published_at	2026-04-26T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71719
published_at	2026-04-29T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71705
published_at	2026-05-05T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71739
published_at	2026-05-11T12:55:00Z

value	0.00683
scoring_system	epss
scoring_elements	0.71773
published_at	2026-05-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8661

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8661
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8661

reference_url	https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html

reference_url	http://www.securitytracker.com/id/1034539
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034539

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg::::::::
reference_id	cpe:2.3:a:ffmpeg:ffmpeg::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8661

reference_id

CVE-2015-8661

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8661

fixed_packages

url	pkg:deb/debian/ffmpeg@7:2.8.3-1?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:2.8.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:2.8.3-1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ujjc-ays1-gfc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

vulnerability	VCID-e9kf-tzg8-9bht

vulnerability	VCID-grh1-jxmf-dqdv

vulnerability	VCID-mun9-fyvn-8kfs

vulnerability	VCID-ns98-tu4j-sfd5

vulnerability	VCID-uakc-kpg5-2ug5

vulnerability	VCID-wrb6-w8ps-uuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qje-t52h-fyfk

vulnerability	VCID-352p-mxyy-k3bu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie

url	pkg:deb/debian/ffmpeg@7:8.1.1-3?distro=trixie
purl	pkg:deb/debian/ffmpeg@7:8.1.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1.1-3%3Fdistro=trixie

aliases CVE-2015-8661

risk_score 3.8

exploitability 0.5

weighted_severity 7.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gb6n-8hj8-6qeb

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:2.8.3-1%3Fdistro=trixie

Package Instance