Search CVE reports
221 – 230 of 349 results
Some fixes available 2 of 9
libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data.
3 affected packages
ffmpeg, libav, mplayer
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | — | Not affected |
| libav | — | — | — | — | Not in release |
| mplayer | — | — | — | — | Not affected |
Some fixes available 2 of 10
libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data.
3 affected packages
ffmpeg, libav, mplayer
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | — | Not affected |
| libav | — | — | — | — | Not in release |
| mplayer | — | — | — | — | Not affected |
Some fixes available 2 of 9
libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have...
3 affected packages
ffmpeg, libav, mplayer
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | — | Not affected |
| libav | — | — | — | — | Not in release |
| mplayer | — | — | — | — | Not affected |
Some fixes available 2 of 9
libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via...
3 affected packages
ffmpeg, libav, mplayer
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | — | Not affected |
| libav | — | — | — | — | Not in release |
| mplayer | — | — | — | — | Not affected |
Some fixes available 2 of 9
libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service...
3 affected packages
ffmpeg, libav, mplayer
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | — | Not affected |
| libav | — | — | — | — | Not in release |
| mplayer | — | — | — | — | Not affected |
Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remote attackers to have unknown impact and vectors.
1 affected package
libav
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libav | — | — | — | — | — |
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related...
3 affected packages
libav, qtwebengine-opensource-src, ffmpeg
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libav | Not in release | Not in release | Not in release | Not in release | Not in release |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.
9 affected packages
chromium-browser, ffmpeg, gstreamer0.10-ffmpeg, kino, libav...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not affected | Not in release | Not affected |
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
| gstreamer0.10-ffmpeg | Not in release | Not in release | Not in release | Not in release | Not in release |
| kino | Not in release | Not in release | Not affected | Not affected | Not affected |
| libav | Not in release | Not in release | Not in release | Not in release | Not in release |
| oxide-qt | Not in release | Not in release | Not in release | Not in release | Not in release |
| mythtv | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| gst-libav1.0 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via crafted 3GPP TS 26.245 data.
7 affected packages
chromium-browser, ffmpeg, libav, oxide-qt, mythtv...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not affected | Not in release | Not affected |
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
| libav | Not in release | Not in release | Not in release | Not in release | Not in release |
| oxide-qt | Not in release | Not in release | Not in release | Not in release | Not in release |
| mythtv | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| gst-libav1.0 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text.
7 affected packages
chromium-browser, ffmpeg, libav, oxide-qt, gst-libav1.0...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not affected | Not in release | Not affected |
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
| libav | Not in release | Not in release | Not in release | Not in release | Not in release |
| oxide-qt | Not in release | Not in release | Not in release | Not in release | Not in release |
| gst-libav1.0 | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| mythtv | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |