Search for vulnerabilities
Vulnerability details: VCID-m7c4-7cph-aaad
Vulnerability ID VCID-m7c4-7cph-aaad
Aliases CVE-2023-47470
Summary Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c
Status Published
Exploitability 0.5
Weighted Severity 7.0
Risk 3.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00140 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00147 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00147 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00147 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.0029 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.00571 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
epss 0.01358 https://api.first.org/data/v1/epss?cve=CVE-2023-47470
cvssv3 7.8 https://nvd.nist.gov/vuln/detail/CVE-2023-47470
cvssv3.1 7.8 https://nvd.nist.gov/vuln/detail/CVE-2023-47470
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2023-47470
https://github.com/FFmpeg/FFmpeg/commit/4565747056a11356210ed8edcecb920105e40b60
https://github.com/goldds96/Report/tree/main/FFmpeg
https://patchwork.ffmpeg.org/project/ffmpeg/patch/20230915131147.5945-2-michael%40niedermayer.cc/
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
CVE-2023-47470 https://nvd.nist.gov/vuln/detail/CVE-2023-47470
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-47470
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-47470
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.50460
EPSS Score 0.00140
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.