rpm package
opensuse/ffmpeg-6&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/ffmpeg-6&distro=openSUSE%20Tumbleweed
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-49502 | — | < 6.1.1-4.1 | 6.1.1-4.1 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component. | ||
| CVE-2023-49501 | — | < 6.1.1-4.1 | 6.1.1-4.1 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component. | ||
| CVE-2024-31582 | — | < 6.1.1-4.1 | 6.1.1-4.1 | Apr 17, 2024 | FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input. | ||
| CVE-2024-31578 | — | < 6.1.1-4.1 | 6.1.1-4.1 | Apr 17, 2024 | FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. | ||
| CVE-2023-49528 | — | < 6.1.1-4.1 | 6.1.1-4.1 | Apr 12, 2024 | Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component. | ||
| CVE-2020-22046 | — | < 6.0-1.1 | 6.0-1.1 | Jun 2, 2021 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c. |
- CVE-2023-49502Apr 19, 2024affected < 6.1.1-4.1fixed 6.1.1-4.1
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
- CVE-2023-49501Apr 19, 2024affected < 6.1.1-4.1fixed 6.1.1-4.1
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.
- CVE-2024-31582Apr 17, 2024affected < 6.1.1-4.1fixed 6.1.1-4.1
FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.
- CVE-2024-31578Apr 17, 2024affected < 6.1.1-4.1fixed 6.1.1-4.1
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
- CVE-2023-49528Apr 12, 2024affected < 6.1.1-4.1fixed 6.1.1-4.1
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
- CVE-2020-22046Jun 2, 2021affected < 6.0-1.1fixed 6.0-1.1
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c.
Page 2 of 2