Shodan
Vulnerabilities
Vulnerable Software
Ffmpeg:  >> Ffmpeg  >> 4.2  Security Vulnerabilities
CVE-2022-3109
An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-12-16
CVE-2022-1475
An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-05-02
CVE-2020-23906
FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-10
CVE-2020-21688
A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-08-10
CVE-2020-21697
A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-08-10
CVE-2021-3566
Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg).
CVSS Score
5.5
EPSS Score
0.001
Published
2021-08-05
CVE-2020-22054
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c.
CVSS Score
6.5
EPSS Score
0.016
Published
2021-06-02
CVE-2020-22056
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the config_input function in af_acrossover.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2021-06-02
CVE-2020-22051
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the filter_frame function in vf_tile.c.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-06-02
CVE-2020-22046
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c.
CVSS Score
6.5
EPSS Score
0.009
Published
2021-06-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved