rpm package
suse/ffmpeg-4&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
pkg:rpm/suse/ffmpeg-4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
Vulnerabilities (30)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-47169 | — | < 4.4-150400.3.42.1 | 4.4-150400.3.42.1 | May 16, 2024 | Improper buffer restrictions in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2023-45221 | — | < 4.4-150400.3.42.1 | 4.4-150400.3.42.1 | May 16, 2024 | Improper buffer restrictions in Intel(R) Media SDK all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2023-48368 | — | < 4.4-150400.3.42.1 | 4.4-150400.3.42.1 | May 16, 2024 | Improper input validation in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2023-51794 | — | < 4.4-150400.3.32.1 | 4.4-150400.3.32.1 | Apr 26, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69. | ||
| CVE-2023-51793 | — | < 4.4-150400.3.24.1 | 4.4-150400.3.24.1 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane. | ||
| CVE-2023-50010 | — | < 4.4-150400.3.27.1 | 4.4-150400.3.27.1 | Apr 19, 2024 | FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component. | ||
| CVE-2023-49502 | — | < 4.4-150400.3.24.1 | 4.4-150400.3.24.1 | Apr 19, 2024 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component. | ||
| CVE-2024-31578 | — | < 4.4-150400.3.24.1 | 4.4-150400.3.24.1 | Apr 17, 2024 | FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. | ||
| CVE-2020-22037 | — | < 4.4.5-150400.3.46.1 | 4.4.5-150400.3.46.1 | Jun 1, 2021 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c. | ||
| CVE-2020-22021 | — | < 4.4-150400.3.32.1 | 4.4-150400.3.32.1 | May 26, 2021 | Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service. |
- CVE-2023-47169May 16, 2024affected < 4.4-150400.3.42.1fixed 4.4-150400.3.42.1
Improper buffer restrictions in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2023-45221May 16, 2024affected < 4.4-150400.3.42.1fixed 4.4-150400.3.42.1
Improper buffer restrictions in Intel(R) Media SDK all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2023-48368May 16, 2024affected < 4.4-150400.3.42.1fixed 4.4-150400.3.42.1
Improper input validation in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2023-51794Apr 26, 2024affected < 4.4-150400.3.32.1fixed 4.4-150400.3.32.1
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69.
- CVE-2023-51793Apr 19, 2024affected < 4.4-150400.3.24.1fixed 4.4-150400.3.24.1
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.
- CVE-2023-50010Apr 19, 2024affected < 4.4-150400.3.27.1fixed 4.4-150400.3.27.1
FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.
- CVE-2023-49502Apr 19, 2024affected < 4.4-150400.3.24.1fixed 4.4-150400.3.24.1
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
- CVE-2024-31578Apr 17, 2024affected < 4.4-150400.3.24.1fixed 4.4-150400.3.24.1
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
- CVE-2020-22037Jun 1, 2021affected < 4.4.5-150400.3.46.1fixed 4.4.5-150400.3.46.1
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c.
- CVE-2020-22021May 26, 2021affected < 4.4-150400.3.32.1fixed 4.4-150400.3.32.1
Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service.
Page 2 of 2