VulnerableCode Package Details - pkg:deb/ubuntu/ffmpeg@7:4.2.2-3ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/ffmpeg@7:4.2.2-3ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/ffmpeg@7:4.2.2-3ubuntu1

Next non-vulnerable version	7:4.2.4-1ubuntu0.1
Latest non-vulnerable version	7:4.2.4-1ubuntu0.1
Risk	4.5

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-4kfh-pqwk-aaam Aliases: CVE-2020-12284	cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.	7:4.2.4-1ubuntu0.1 Affected by 0 other vulnerabilities.
VCID-j9je-s5ab-aaah Aliases: CVE-2019-13312	block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read.	7:4.2.4-1ubuntu0.1 Affected by 0 other vulnerabilities.
VCID-pdga-yrz9-aaar Aliases: CVE-2020-13904	FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.	7:4.2.4-1ubuntu0.1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version