rpm package
suse/ffmpeg&distro=SUSE Linux Enterprise Module for Package Hub 15 SP5
pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5
Vulnerabilities (13)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-32230 | — | < 3.4.2-150200.11.50.1 | 3.4.2-150200.11.50.1 | Jul 1, 2024 | FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0 | ||
| CVE-2023-51794 | — | < 3.4.2-150200.11.47.1 | 3.4.2-150200.11.47.1 | Apr 26, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69. | ||
| CVE-2023-51798 | — | < 3.4.2-150200.11.57.1 | 3.4.2-150200.11.57.1 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. | ||
| CVE-2023-50010 | — | < 3.4.2-150200.11.44.1 | 3.4.2-150200.11.44.1 | Apr 19, 2024 | FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component. | ||
| CVE-2023-49502 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component. | ||
| CVE-2024-31578 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Apr 17, 2024 | FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. | ||
| CVE-2021-28429 | — | < 3.4.2-150200.11.31.1 | 3.4.2-150200.11.31.1 | Aug 11, 2023 | Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. | ||
| CVE-2021-38094 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Sep 20, 2021 | Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||
| CVE-2021-38091 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Sep 20, 2021 | Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||
| CVE-2021-38090 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Sep 20, 2021 | Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||
| CVE-2020-20898 | — | < 3.4.2-150200.11.41.1 | 3.4.2-150200.11.41.1 | Sep 20, 2021 | Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | ||
| CVE-2021-38291 | — | < 3.4.2-150200.11.57.1 | 3.4.2-150200.11.57.1 | Aug 12, 2021 | FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. | ||
| CVE-2020-22027 | — | < 3.4.2-150200.11.57.1 | 3.4.2-150200.11.57.1 | May 27, 2021 | A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corruption and other potential consequences. |
- CVE-2024-32230Jul 1, 2024affected < 3.4.2-150200.11.50.1fixed 3.4.2-150200.11.50.1
FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0
- CVE-2023-51794Apr 26, 2024affected < 3.4.2-150200.11.47.1fixed 3.4.2-150200.11.47.1
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69.
- CVE-2023-51798Apr 19, 2024affected < 3.4.2-150200.11.57.1fixed 3.4.2-150200.11.57.1
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.
- CVE-2023-50010Apr 19, 2024affected < 3.4.2-150200.11.44.1fixed 3.4.2-150200.11.44.1
FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.
- CVE-2023-49502Apr 19, 2024affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
- CVE-2024-31578Apr 17, 2024affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
- CVE-2021-28429Aug 11, 2023affected < 3.4.2-150200.11.31.1fixed 3.4.2-150200.11.31.1
Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.
- CVE-2021-38094Sep 20, 2021affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
- CVE-2021-38091Sep 20, 2021affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
- CVE-2021-38090Sep 20, 2021affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
- CVE-2020-20898Sep 20, 2021affected < 3.4.2-150200.11.41.1fixed 3.4.2-150200.11.41.1
Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
- CVE-2021-38291Aug 12, 2021affected < 3.4.2-150200.11.57.1fixed 3.4.2-150200.11.57.1
FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.
- CVE-2020-22027May 27, 2021affected < 3.4.2-150200.11.57.1fixed 3.4.2-150200.11.57.1
A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corruption and other potential consequences.