VulnerableCode Package Details - pkg:alpm/archlinux/ffmpeg@2:4.2.3-2

Search for packages

Package details: pkg:alpm/archlinux/ffmpeg@2:4.2.3-2

Essentials
History (3)

purl	pkg:alpm/archlinux/ffmpeg@2:4.2.3-2

Next non-vulnerable version	2:4.3.1-1
Latest non-vulnerable version	2:4.4.1-1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-pdga-yrz9-aaar Aliases: CVE-2020-13904	FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.	2:4.3.1-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:45:49.751831+00:00	Arch Linux Importer	Affected by	VCID-pdga-yrz9-aaar	https://security.archlinux.org/AVG-1180	36.0.0
2024-09-18T02:00:51.823129+00:00	Arch Linux Importer	Affected by	VCID-pdga-yrz9-aaar	https://security.archlinux.org/AVG-1180	34.0.1
2024-01-03T22:27:09.202271+00:00	Arch Linux Importer	Affected by	VCID-pdga-yrz9-aaar	https://security.archlinux.org/AVG-1180	34.0.0rc1