rpm package
suse/ffmpeg&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-7700 | Med | 5.3 | < 3.4.2-150200.11.67.1 | 3.4.2-150200.11.67.1 | Nov 7, 2025 | A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrup | |
| CVE-2025-22919 | Med | 6.5 | < 3.4.2-150200.11.60.1 | 3.4.2-150200.11.60.1 | Feb 18, 2025 | A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file. | |
| CVE-2025-22921 | — | < 3.4.2-150200.11.60.1 | 3.4.2-150200.11.60.1 | Feb 18, 2025 | FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c. | ||
| CVE-2025-0518 | — | < 3.4.2-150200.11.60.1 | 3.4.2-150200.11.60.1 | Jan 16, 2025 | Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C . This issue affects FFmpeg: 7.1. Issu | ||
| CVE-2024-36613 | — | < 3.4.2-150200.11.60.1 | 3.4.2-150200.11.60.1 | Jan 3, 2025 | FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior. | ||
| CVE-2024-35365 | — | < 3.4.2-150200.11.60.1 | 3.4.2-150200.11.60.1 | Jan 3, 2025 | FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_stream_audio function. | ||
| CVE-2024-35368 | — | < 3.4.2-150200.11.60.1 | 3.4.2-150200.11.60.1 | Nov 29, 2024 | FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c. | ||
| CVE-2023-51793 | — | < 3.4.2-150200.11.60.1 | 3.4.2-150200.11.60.1 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane. |
- affected < 3.4.2-150200.11.67.1fixed 3.4.2-150200.11.67.1
A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrup
- affected < 3.4.2-150200.11.60.1fixed 3.4.2-150200.11.60.1
A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file.
- CVE-2025-22921Feb 18, 2025affected < 3.4.2-150200.11.60.1fixed 3.4.2-150200.11.60.1
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c.
- CVE-2025-0518Jan 16, 2025affected < 3.4.2-150200.11.60.1fixed 3.4.2-150200.11.60.1
Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C . This issue affects FFmpeg: 7.1. Issu
- CVE-2024-36613Jan 3, 2025affected < 3.4.2-150200.11.60.1fixed 3.4.2-150200.11.60.1
FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior.
- CVE-2024-35365Jan 3, 2025affected < 3.4.2-150200.11.60.1fixed 3.4.2-150200.11.60.1
FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_stream_audio function.
- CVE-2024-35368Nov 29, 2024affected < 3.4.2-150200.11.60.1fixed 3.4.2-150200.11.60.1
FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c.
- CVE-2023-51793Apr 19, 2024affected < 3.4.2-150200.11.60.1fixed 3.4.2-150200.11.60.1
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.