VulnerableCode Package Details - pkg:ebuild/media-video/ffmpeg@4.2.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9aua-7ce1-aaap	In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c.	CVE-2019-13390
VCID-gm7x-n9ub-aaak	FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.	CVE-2019-17542
VCID-j9je-s5ab-aaah	block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read.	CVE-2019-13312
VCID-jkhj-2usb-aaaf	aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables.	CVE-2019-12730
VCID-k7pc-r371-aaas	The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.	CVE-2018-10001
VCID-kfuh-tb3c-aaar	The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.	CVE-2018-7751
VCID-qak4-m8wy-aaag	The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.	CVE-2018-7557
VCID-qfj7-s9pz-aaaq	The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.	CVE-2018-6912
VCID-uw9m-efdf-aaan	The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.	CVE-2018-9841
VCID-vmn5-9pwf-aaar	In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.	CVE-2019-17539

Vulnerability

Summary

Aliases

VCID-9aua-7ce1-aaap

In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c.

CVE-2019-13390

VCID-gm7x-n9ub-aaak

FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.

CVE-2019-17542

VCID-j9je-s5ab-aaah

block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read.

CVE-2019-13312

VCID-jkhj-2usb-aaaf

aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables.

CVE-2019-12730

VCID-k7pc-r371-aaas

The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.

CVE-2018-10001

VCID-kfuh-tb3c-aaar

The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.

CVE-2018-7751

VCID-qak4-m8wy-aaag

The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

CVE-2018-7557

VCID-qfj7-s9pz-aaaq

The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.

CVE-2018-6912

VCID-uw9m-efdf-aaan

The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.

CVE-2018-9841

VCID-vmn5-9pwf-aaar

In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.

CVE-2019-17539

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T12:40:06.780221+00:00	Gentoo Importer	Fixing	VCID-gm7x-n9ub-aaak	https://security.gentoo.org/glsa/202003-65	36.0.0
2025-03-28T12:40:06.763650+00:00	Gentoo Importer	Fixing	VCID-vmn5-9pwf-aaar	https://security.gentoo.org/glsa/202003-65	36.0.0
2025-03-28T12:40:06.747159+00:00	Gentoo Importer	Fixing	VCID-9aua-7ce1-aaap	https://security.gentoo.org/glsa/202003-65	36.0.0
2025-03-28T12:40:06.730682+00:00	Gentoo Importer	Fixing	VCID-j9je-s5ab-aaah	https://security.gentoo.org/glsa/202003-65	36.0.0
2025-03-28T12:40:06.714126+00:00	Gentoo Importer	Fixing	VCID-jkhj-2usb-aaaf	https://security.gentoo.org/glsa/202003-65	36.0.0
2025-03-28T12:40:06.697810+00:00	Gentoo Importer	Fixing	VCID-uw9m-efdf-aaan	https://security.gentoo.org/glsa/202003-65	36.0.0
2025-03-28T12:40:06.681529+00:00	Gentoo Importer	Fixing	VCID-kfuh-tb3c-aaar	https://security.gentoo.org/glsa/202003-65	36.0.0
2025-03-28T12:40:06.665225+00:00	Gentoo Importer	Fixing	VCID-qak4-m8wy-aaag	https://security.gentoo.org/glsa/202003-65	36.0.0
2025-03-28T12:40:06.648898+00:00	Gentoo Importer	Fixing	VCID-qfj7-s9pz-aaaq	https://security.gentoo.org/glsa/202003-65	36.0.0
2025-03-28T12:40:06.632721+00:00	Gentoo Importer	Fixing	VCID-k7pc-r371-aaas	https://security.gentoo.org/glsa/202003-65	36.0.0
2024-09-18T07:33:57.874389+00:00	Gentoo Importer	Fixing	VCID-gm7x-n9ub-aaak	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-09-18T07:33:57.850041+00:00	Gentoo Importer	Fixing	VCID-vmn5-9pwf-aaar	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-09-18T07:33:57.826607+00:00	Gentoo Importer	Fixing	VCID-9aua-7ce1-aaap	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-09-18T07:33:57.804077+00:00	Gentoo Importer	Fixing	VCID-j9je-s5ab-aaah	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-09-18T07:33:57.780186+00:00	Gentoo Importer	Fixing	VCID-jkhj-2usb-aaaf	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-09-18T07:33:57.756967+00:00	Gentoo Importer	Fixing	VCID-uw9m-efdf-aaan	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-09-18T07:33:57.736223+00:00	Gentoo Importer	Fixing	VCID-kfuh-tb3c-aaar	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-09-18T07:33:57.712630+00:00	Gentoo Importer	Fixing	VCID-qak4-m8wy-aaag	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-09-18T07:33:57.689549+00:00	Gentoo Importer	Fixing	VCID-qfj7-s9pz-aaaq	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-09-18T07:33:57.666551+00:00	Gentoo Importer	Fixing	VCID-k7pc-r371-aaas	https://security.gentoo.org/glsa/202003-65	34.0.1
2024-01-04T01:40:18.988516+00:00	Gentoo Importer	Fixing	VCID-gm7x-n9ub-aaak	https://security.gentoo.org/glsa/202003-65	34.0.0rc1
2024-01-04T01:40:18.964276+00:00	Gentoo Importer	Fixing	VCID-vmn5-9pwf-aaar	https://security.gentoo.org/glsa/202003-65	34.0.0rc1
2024-01-04T01:40:18.946342+00:00	Gentoo Importer	Fixing	VCID-9aua-7ce1-aaap	https://security.gentoo.org/glsa/202003-65	34.0.0rc1
2024-01-04T01:40:18.930130+00:00	Gentoo Importer	Fixing	VCID-j9je-s5ab-aaah	https://security.gentoo.org/glsa/202003-65	34.0.0rc1
2024-01-04T01:40:18.913443+00:00	Gentoo Importer	Fixing	VCID-jkhj-2usb-aaaf	https://security.gentoo.org/glsa/202003-65	34.0.0rc1
2024-01-04T01:40:18.897218+00:00	Gentoo Importer	Fixing	VCID-uw9m-efdf-aaan	https://security.gentoo.org/glsa/202003-65	34.0.0rc1
2024-01-04T01:40:18.880944+00:00	Gentoo Importer	Fixing	VCID-kfuh-tb3c-aaar	https://security.gentoo.org/glsa/202003-65	34.0.0rc1
2024-01-04T01:40:18.864785+00:00	Gentoo Importer	Fixing	VCID-qak4-m8wy-aaag	https://security.gentoo.org/glsa/202003-65	34.0.0rc1
2024-01-04T01:40:18.846326+00:00	Gentoo Importer	Fixing	VCID-qfj7-s9pz-aaaq	https://security.gentoo.org/glsa/202003-65	34.0.0rc1
2024-01-04T01:40:18.827773+00:00	Gentoo Importer	Fixing	VCID-k7pc-r371-aaas	https://security.gentoo.org/glsa/202003-65	34.0.0rc1