A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-06
A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-01-06
A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-12-31
A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-12-31
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-11-29
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-04-17
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-04-17
Page 2