rpm package
opensuse/ffmpeg-4&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/ffmpeg-4&distro=openSUSE%20Leap%2015.4
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48434 | — | < 4.4-150400.3.15.1 | 4.4-150400.3.15.1 | Mar 29, 2023 | libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-vid | ||
| CVE-2022-3341 | — | < 4.4-150400.3.11.1 | 4.4-150400.3.11.1 | Jan 12, 2023 | A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an app | ||
| CVE-2022-3109 | — | < 4.4-150400.3.8.1 | 4.4-150400.3.8.1 | Dec 16, 2022 | An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability. | ||
| CVE-2022-3964 | — | < 4.4-150400.3.5.1 | 4.4-150400.3.5.1 | Nov 13, 2022 | A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the att |
- CVE-2022-48434Mar 29, 2023affected < 4.4-150400.3.15.1fixed 4.4-150400.3.15.1
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-vid
- CVE-2022-3341Jan 12, 2023affected < 4.4-150400.3.11.1fixed 4.4-150400.3.11.1
A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an app
- CVE-2022-3109Dec 16, 2022affected < 4.4-150400.3.8.1fixed 4.4-150400.3.8.1
An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
- CVE-2022-3964Nov 13, 2022affected < 4.4-150400.3.5.1fixed 4.4-150400.3.5.1
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the att