Search for packages
| purl | pkg:deb/debian/ffmpeg@7:4.3.5-0%2Bdeb11u1 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-75j2-4wpa-aaad
Aliases: CVE-2022-4907 |
Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 1 other vulnerability. Affected by 18 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-7pn9-j75t-aaap
Aliases: CVE-2022-3341 |
A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash. |
Affected by 1 other vulnerability. Affected by 18 other vulnerabilities. Affected by 1 other vulnerability. Affected by 3 other vulnerabilities. |
|
VCID-7wns-gt58-aaab
Aliases: CVE-2022-48434 |
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used). |
Affected by 1 other vulnerability. Affected by 18 other vulnerabilities. Affected by 1 other vulnerability. Affected by 3 other vulnerabilities. |
|
VCID-d5ad-dpn1-aaaj
Aliases: CVE-2022-3965 |
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544. |
Affected by 1 other vulnerability. Affected by 18 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-py6c-5vka-aaaa
Aliases: CVE-2022-3964 |
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543. |
Affected by 1 other vulnerability. Affected by 18 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-ukbp-h3ea-aaah
Aliases: CVE-2022-3109 |
An issue was discovered in the FFmpeg through 3.0. vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause the null pointer dereference, impacting confidentiality and availability. |
Affected by 1 other vulnerability. Affected by 18 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|