rpm package
suse/ffmpeg&distro=SUSE Linux Enterprise Module for Package Hub 15 SP7
pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-7700 | Med | 5.3 | < 3.4.2-150200.11.67.1 | 3.4.2-150200.11.67.1 | Nov 7, 2025 | A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrup | |
| CVE-2024-36618 | — | < 3.4.2-150200.11.64.1 | 3.4.2-150200.11.64.1 | Nov 29, 2024 | FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition. | ||
| CVE-2024-36617 | — | < 3.4.2-150200.11.64.1 | 3.4.2-150200.11.64.1 | Nov 29, 2024 | FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder. | ||
| CVE-2024-36616 | — | < 3.4.2-150200.11.64.1 | 3.4.2-150200.11.64.1 | Nov 29, 2024 | An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file. | ||
| CVE-2022-1475 | — | < 3.4.2-150200.11.64.1 | 3.4.2-150200.11.64.1 | May 2, 2022 | An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file. |
- affected < 3.4.2-150200.11.67.1fixed 3.4.2-150200.11.67.1
A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrup
- CVE-2024-36618Nov 29, 2024affected < 3.4.2-150200.11.64.1fixed 3.4.2-150200.11.64.1
FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.
- CVE-2024-36617Nov 29, 2024affected < 3.4.2-150200.11.64.1fixed 3.4.2-150200.11.64.1
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
- CVE-2024-36616Nov 29, 2024affected < 3.4.2-150200.11.64.1fixed 3.4.2-150200.11.64.1
An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.
- CVE-2022-1475May 2, 2022affected < 3.4.2-150200.11.64.1fixed 3.4.2-150200.11.64.1
An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.