apk package
chainguard/ffmpeg-7
pkg:apk/chainguard/ffmpeg-7
Vulnerabilities (12)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-9951 | Hig | — | < 7.1.1-r11 | 7.1.1-r11 | Sep 9, 2025 | A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition cdef atom of JPEG2000. | |
| CVE-2025-1594 | — | < 7.1.1-r12 | 7.1.1-r12 | Feb 23, 2025 | A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate th | ||
| CVE-2025-25469 | — | < 7.1.3-r0 | 7.1.3-r0 | Feb 18, 2025 | FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/iamf.c. | ||
| CVE-2025-25468 | — | < 7.1.3-r5 | 7.1.3-r5 | Feb 18, 2025 | FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/mem.c. | ||
| CVE-2025-22921 | — | < 7.1.3-r1 | 7.1.3-r1 | Feb 18, 2025 | FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c. | ||
| CVE-2023-51794 | — | < 7.1.3-r2 | 7.1.3-r2 | Apr 26, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69. | ||
| CVE-2023-51798 | — | < 7.1.3-r2 | 7.1.3-r2 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. | ||
| CVE-2023-51797 | — | < 7.1.3-r2 | 7.1.3-r2 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame | ||
| CVE-2023-51796 | — | < 7.1.3-r2 | 7.1.3-r2 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame. | ||
| CVE-2023-51795 | — | < 7.1.3-r2 | 7.1.3-r2 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame | ||
| CVE-2023-51793 | — | < 7.1.3-r2 | 7.1.3-r2 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane. | ||
| CVE-2023-51791 | — | < 7.1.3-r2 | 7.1.3-r2 | Apr 19, 2024 | Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map. |
- affected < 7.1.1-r11fixed 7.1.1-r11
A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition cdef atom of JPEG2000.
- CVE-2025-1594Feb 23, 2025affected < 7.1.1-r12fixed 7.1.1-r12
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate th
- CVE-2025-25469Feb 18, 2025affected < 7.1.3-r0fixed 7.1.3-r0
FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/iamf.c.
- CVE-2025-25468Feb 18, 2025affected < 7.1.3-r5fixed 7.1.3-r5
FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/mem.c.
- CVE-2025-22921Feb 18, 2025affected < 7.1.3-r1fixed 7.1.3-r1
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c.
- CVE-2023-51794Apr 26, 2024affected < 7.1.3-r2fixed 7.1.3-r2
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69.
- CVE-2023-51798Apr 19, 2024affected < 7.1.3-r2fixed 7.1.3-r2
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.
- CVE-2023-51797Apr 19, 2024affected < 7.1.3-r2fixed 7.1.3-r2
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame
- CVE-2023-51796Apr 19, 2024affected < 7.1.3-r2fixed 7.1.3-r2
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.
- CVE-2023-51795Apr 19, 2024affected < 7.1.3-r2fixed 7.1.3-r2
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame
- CVE-2023-51793Apr 19, 2024affected < 7.1.3-r2fixed 7.1.3-r2
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.
- CVE-2023-51791Apr 19, 2024affected < 7.1.3-r2fixed 7.1.3-r2
Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map.