| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-15942 | 6.8 |
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.
|
28-02-2023 - 14:11 | 05-09-2019 - 16:15 | |
| CVE-2020-13904 | 4.3 |
FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.
|
07-10-2022 - 01:27 | 07-06-2020 - 19:15 | |
| CVE-2020-12284 | 10.0 |
cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.
|
29-04-2022 - 13:25 | 28-04-2020 - 06:15 | |
| CVE-2020-14212 | 6.8 |
FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted.
|
18-09-2020 - 17:41 | 16-06-2020 - 22:15 | |
| CVE-2019-13312 | 6.8 |
block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read.
|
28-07-2020 - 22:15 | 05-07-2019 - 01:15 |