rpm package
opensuse/ffmpeg-4&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/ffmpeg-4&distro=openSUSE%20Tumbleweed
Vulnerabilities (85)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8363 | — | < 4.4-5.2 | 4.4-5.2 | Nov 26, 2015 | The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denial of service (out-of-bounds he | ||
| CVE-2015-8219 | — | < 4.4-5.2 | 4.4-5.2 | Nov 17, 2015 | The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other i | ||
| CVE-2015-8218 | — | < 4.4-5.2 | 4.4-5.2 | Nov 17, 2015 | The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data. | ||
| CVE-2015-8217 | — | < 4.4-5.2 | 4.4-5.2 | Nov 17, 2015 | The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficien | ||
| CVE-2015-8216 | — | < 4.4-5.2 | 4.4-5.2 | Nov 17, 2015 | The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. |
- CVE-2015-8363Nov 26, 2015affected < 4.4-5.2fixed 4.4-5.2
The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denial of service (out-of-bounds he
- CVE-2015-8219Nov 17, 2015affected < 4.4-5.2fixed 4.4-5.2
The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other i
- CVE-2015-8218Nov 17, 2015affected < 4.4-5.2fixed 4.4-5.2
The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data.
- CVE-2015-8217Nov 17, 2015affected < 4.4-5.2fixed 4.4-5.2
The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficien
- CVE-2015-8216Nov 17, 2015affected < 4.4-5.2fixed 4.4-5.2
The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data.
Page 5 of 5