{"url":"http://public2.vulnerablecode.io/api/packages/94223?format=json","purl":"pkg:deb/debian/ffmpeg@7:2.8.1-1?distro=trixie","type":"deb","namespace":"debian","name":"ffmpeg","version":"7:2.8.1-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7:2.8.2-1","latest_non_vulnerable_version":"7:8.1.1-3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67504?format=json","vulnerability_id":"VCID-qmjp-vnas-vkdk","summary":"The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6761.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6761.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6761","reference_id":"","reference_type":"","scores":[{"value":"0.01459","scoring_system":"epss","scoring_elements":"0.81179","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01459","scoring_system":"epss","scoring_elements":"0.81207","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01459","scoring_system":"epss","scoring_elements":"0.8121","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01459","scoring_system":"epss","scoring_elements":"0.81203","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01459","scoring_system":"epss","scoring_elements":"0.81221","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6755","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6755"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6763"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1271557","reference_id":"1271557","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1271557"},{"reference_url":"https://security.gentoo.org/glsa/201603-09","reference_id":"GLSA-201603-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1912","reference_id":"RHSA-2015:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1912"},{"reference_url":"https://usn.ubuntu.com/2770-1/","reference_id":"USN-2770-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2770-1/"},{"reference_url":"https://usn.ubuntu.com/2770-2/","reference_id":"USN-2770-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2770-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/94223?format=json","purl":"pkg:deb/debian/ffmpeg@7:2.8.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:2.8.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94169?format=json","purl":"pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d3jt-x17d-7ud4"},{"vulnerability":"VCID-te3y-z6qj-mycd"},{"vulnerability":"VCID-v9za-1chy-tybg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94167?format=json","purl":"pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5u4e-ue9w-9ybw"},{"vulnerability":"VCID-64en-n1cd-nuh5"},{"vulnerability":"VCID-68hy-e2xk-h7gb"},{"vulnerability":"VCID-ch2u-znmq-73cx"},{"vulnerability":"VCID-d3jt-x17d-7ud4"},{"vulnerability":"VCID-g743-mtd8-5ydm"},{"vulnerability":"VCID-ku26-6adv-zfcv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94171?format=json","purl":"pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ku26-6adv-zfcv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94170?format=json","purl":"pkg:deb/debian/ffmpeg@7:8.1.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1.1-3%3Fdistro=trixie"}],"aliases":["CVE-2015-6761"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmjp-vnas-vkdk"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:2.8.1-1%3Fdistro=trixie"}