VulnerableCode Package Details - pkg:alpm/archlinux/ffmpeg@2:4.4.1-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-33hr-qpc9-17d7	libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.	CVE-2021-38114
VCID-a7qx-thca-b7cv	FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service	CVE-2020-20453
VCID-aa8t-q329-8ugu	A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c.	CVE-2020-22037
VCID-amaf-s9bp-4qa1	dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.	CVE-2021-33815
VCID-d1fw-gxru-8qdy	adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.	CVE-2021-38171
VCID-egqg-zn7q-kkd8	Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service.	CVE-2020-22019
VCID-fkkq-53wv-1bex	FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.	CVE-2020-20446
VCID-scvy-tdpc-g7de	A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service.	CVE-2020-22033
VCID-usfk-2ghs-nyha	FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.	CVE-2021-38291
VCID-vjvd-te49-k3h3	Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service.	CVE-2020-22021
VCID-wrzb-t3f1-tqhn	FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service.	CVE-2020-20445
VCID-ywc1-4enx-6bdh	Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code.	CVE-2020-22015

Vulnerability

Summary

Aliases

VCID-33hr-qpc9-17d7

libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.

CVE-2021-38114

VCID-a7qx-thca-b7cv

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service

CVE-2020-20453

VCID-aa8t-q329-8ugu

A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c.

CVE-2020-22037

VCID-amaf-s9bp-4qa1

dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.

CVE-2021-33815

VCID-d1fw-gxru-8qdy

adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.

CVE-2021-38171

VCID-egqg-zn7q-kkd8

Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service.

CVE-2020-22019

VCID-fkkq-53wv-1bex

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.

CVE-2020-20446

VCID-scvy-tdpc-g7de

A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service.

CVE-2020-22033

VCID-usfk-2ghs-nyha

FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.

CVE-2021-38291

VCID-vjvd-te49-k3h3

Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service.

CVE-2020-22021

VCID-wrzb-t3f1-tqhn

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service.

CVE-2020-20445

VCID-ywc1-4enx-6bdh

Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code.

CVE-2020-22015

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-31T11:37:39.318075+00:00	Arch Linux Importer	Fixing	VCID-wrzb-t3f1-tqhn	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.292588+00:00	Arch Linux Importer	Fixing	VCID-fkkq-53wv-1bex	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.267321+00:00	Arch Linux Importer	Fixing	VCID-a7qx-thca-b7cv	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.239374+00:00	Arch Linux Importer	Fixing	VCID-ywc1-4enx-6bdh	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.214550+00:00	Arch Linux Importer	Fixing	VCID-egqg-zn7q-kkd8	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.188130+00:00	Arch Linux Importer	Fixing	VCID-vjvd-te49-k3h3	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.163007+00:00	Arch Linux Importer	Fixing	VCID-scvy-tdpc-g7de	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.137534+00:00	Arch Linux Importer	Fixing	VCID-aa8t-q329-8ugu	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.111862+00:00	Arch Linux Importer	Fixing	VCID-amaf-s9bp-4qa1	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.086067+00:00	Arch Linux Importer	Fixing	VCID-33hr-qpc9-17d7	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.060280+00:00	Arch Linux Importer	Fixing	VCID-d1fw-gxru-8qdy	https://security.archlinux.org/AVG-1989	37.0.0
2025-07-31T11:37:39.034424+00:00	Arch Linux Importer	Fixing	VCID-usfk-2ghs-nyha	https://security.archlinux.org/AVG-1989	37.0.0