ID CVE-2020-20446
Summary FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.
References
Vulnerable Configurations
  • cpe:2.3:a:ffmpeg:ffmpeg:4.2:-:*:*:*:*:*:*
    cpe:2.3:a:ffmpeg:ffmpeg:4.2:-:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 30-11-2021 - 22:14)
Impact:
Exploitability:
CWE CWE-369
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
Last major update 30-11-2021 - 22:14
Published 25-05-2021 - 18:15
Last modified 30-11-2021 - 22:14
Back to Top