Search CVE reports
11 – 20 of 495 results
CVE-2024-36616
Medium priorityAn integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libav | Not in release | Not in release | Not in release | — | — |
CVE-2024-36615
Medium priorityFFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libav | Not in release | Not in release | Not in release | — | — |
CVE-2024-36619
Medium priorityFFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types, leading to a denial-of-service (DoS) condition.
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libav | Not in release | Not in release | Not in release | — | — |
CVE-2024-36618
Medium priorityFFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libav | Not in release | Not in release | Not in release | — | — |
CVE-2024-36617
Medium prioritySome fixes available 4 of 7
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Needs evaluation | Fixed | Fixed | Fixed | Fixed |
| libav | Not in release | Not in release | Not in release | — | — |
CVE-2024-35369
Medium priorityIn FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libav | Not in release | Not in release | Not in release | — | — |
CVE-2024-7272
Medium priorityA vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
| libav | Not in release | Not in release | Not in release | — | — |
CVE-2024-7055
Medium priorityA vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
| libav | Not in release | Not in release | Not in release | — | — |
CVE-2024-32230
Medium prioritySome fixes available 5 of 7
FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Fixed | Fixed | Fixed | Fixed | Fixed |
| libav | Not in release | Not in release | Not in release | — | — |
CVE-2024-32229
Medium priorityFFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column.
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
| libav | Not in release | Not in release | Not in release | — | — |