Unrated severityNVD Advisory· Published Nov 17, 2015· Updated Jun 17, 2026

CVE-2015-8216

Description

The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

FFmpeg/Ffmpeg2 versions
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*range: <=2.8.1
- (no CPE)range: <2.8.2
osv-coords
pkg:rpm/opensuse/ffmpeg-4&distro=openSUSE%20Tumbleweed
Range: < 4.4-5.2

Patches

Vulnerability mechanics

References

git.videolan.orgnvd
lists.opensuse.org/opensuse-updates/2015-11/msg00146.htmlnvd
lists.debian.org/debian-lts-announce/2018/12/msg00009.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000