Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    Related vulnerabilities

    BDU:2024-00245

    Vulnerability from fstec - Published: 06.11.2023
    VLAI
    Title
    Уязвимость мультимедийной библиотеки FFmpeg, связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привелегии
    Description
    Уязвимость мультимедийной библиотеки FFmpeg связана с недостатками разграничения доступа. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, повысить свои привелегии
    Severity
    AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
    Vendor
    АО «ИВК», FFmpeg team
    Software Name
    Альт 8 СП (запись в едином реестре российских программ №4305), АЛЬТ СП 10, FFmpeg
    Software Version
    - (Альт 8 СП), - (АЛЬТ СП 10), до 6.1 (FFmpeg)
    Possible Mitigations
    Использование рекомендаций: https://ffmpeg.org/security.html Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства Для ОС Альт 8 СП (релиз 10): установка обновления из публичного репозитория программного средства
    Reference
    https://ffmpeg.org/security.html https://vuldb.com/?id.245405 https://altsp.su/obnovleniya-bezopasnosti/ https://altsp.su/obnovleniya-bezopasnosti/
    CWE
    CWE-269
    To clipboard 

    {
  "CVSS 2.0": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
  "CVSS 3.0": "AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "TO975",
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": "TO975 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 FFmpeg",
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, FFmpeg team",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (\u0410\u043b\u044c\u0442 8 \u0421\u041f), - (\u0410\u041b\u042c\u0422 \u0421\u041f 10), \u0434\u043e 6.1 (FFmpeg)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://ffmpeg.org/security.html\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0440\u0435\u043b\u0438\u0437 10): \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "06.11.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "08.10.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "12.01.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-00245",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-47342",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041b\u042c\u0422 \u0421\u041f 10, FFmpeg",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u041b\u042c\u0422 \u0421\u041f 10 - ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0439\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 FFmpeg, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0435\u043b\u0435\u0433\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 (CWE-269)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0439\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 FFmpeg \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0435\u043b\u0435\u0433\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://ffmpeg.org/security.html\nhttps://vuldb.com/?id.245405\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://altsp.su/obnovleniya-bezopasnosti/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-269",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,2)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
    cleanstart-2026-ps82605
    Vulnerability from cleanstart
    Published
    2026-02-06 01:09
    Modified
    2026-02-03 13:35
    Summary
    Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ...
    Details

    Multiple security vulnerabilities affect the ffmpeg package. Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps. See references for individual vulnerability details.

    Severity
    9.8 (Critical)
    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    References
    https://github.com/cleanstart-dev/cleanstart-secu… ADVISORY
    https://osv.dev/vulnerability/CVE-2017-14058 WEB
    https://osv.dev/vulnerability/CVE-2017-14225 WEB
    https://osv.dev/vulnerability/CVE-2018-10001 WEB
    https://osv.dev/vulnerability/CVE-2018-12458 WEB
    https://osv.dev/vulnerability/CVE-2018-12459 WEB
    https://osv.dev/vulnerability/CVE-2018-12460 WEB
    https://osv.dev/vulnerability/CVE-2018-13300 WEB
    https://osv.dev/vulnerability/CVE-2018-13301 WEB
    https://osv.dev/vulnerability/CVE-2018-13302 WEB
    https://osv.dev/vulnerability/CVE-2018-13303 WEB
    https://osv.dev/vulnerability/CVE-2018-13304 WEB
    https://osv.dev/vulnerability/CVE-2018-13305 WEB
    https://osv.dev/vulnerability/CVE-2018-14394 WEB
    https://osv.dev/vulnerability/CVE-2018-14395 WEB
    https://osv.dev/vulnerability/CVE-2018-15822 WEB
    https://osv.dev/vulnerability/CVE-2018-1999010 WEB
    https://osv.dev/vulnerability/CVE-2018-1999011 WEB
    https://osv.dev/vulnerability/CVE-2018-1999012 WEB
    https://osv.dev/vulnerability/CVE-2018-1999013 WEB
    https://osv.dev/vulnerability/CVE-2018-1999014 WEB
    https://osv.dev/vulnerability/CVE-2018-1999015 WEB
    https://osv.dev/vulnerability/CVE-2018-6912 WEB
    https://osv.dev/vulnerability/CVE-2018-7557 WEB
    https://osv.dev/vulnerability/CVE-2018-7751 WEB
    https://osv.dev/vulnerability/CVE-2018-7757 WEB
    https://osv.dev/vulnerability/CVE-2018-9841 WEB
    https://osv.dev/vulnerability/CVE-2019-1000016 WEB
    https://osv.dev/vulnerability/CVE-2019-11338 WEB
    https://osv.dev/vulnerability/CVE-2019-11339 WEB
    https://osv.dev/vulnerability/CVE-2019-12730 WEB
    https://osv.dev/vulnerability/CVE-2019-17539 WEB
    https://osv.dev/vulnerability/CVE-2019-17542 WEB
    https://osv.dev/vulnerability/CVE-2019-9718 WEB
    https://osv.dev/vulnerability/CVE-2019-9721 WEB
    https://osv.dev/vulnerability/CVE-2020-12284 WEB
    https://osv.dev/vulnerability/CVE-2020-13904 WEB
    https://osv.dev/vulnerability/CVE-2020-14212 WEB
    https://osv.dev/vulnerability/CVE-2020-20446 WEB
    https://osv.dev/vulnerability/CVE-2020-20450 WEB
    https://osv.dev/vulnerability/CVE-2020-20453 WEB
    https://osv.dev/vulnerability/CVE-2020-21041 WEB
    https://osv.dev/vulnerability/CVE-2020-22015 WEB
    https://osv.dev/vulnerability/CVE-2020-22019 WEB
    https://osv.dev/vulnerability/CVE-2020-22021 WEB
    https://osv.dev/vulnerability/CVE-2020-22037 WEB
    https://osv.dev/vulnerability/CVE-2020-22038 WEB
    https://osv.dev/vulnerability/CVE-2020-22042 WEB
    https://osv.dev/vulnerability/CVE-2020-24020 WEB
    https://osv.dev/vulnerability/CVE-2020-35964 WEB
    https://osv.dev/vulnerability/CVE-2020-35965 WEB
    https://osv.dev/vulnerability/CVE-2021-30123 WEB
    https://osv.dev/vulnerability/CVE-2021-33815 WEB
    https://osv.dev/vulnerability/CVE-2021-38114 WEB
    https://osv.dev/vulnerability/CVE-2021-38171 WEB
    https://osv.dev/vulnerability/CVE-2021-38291 WEB
    https://osv.dev/vulnerability/CVE-2022-3965 WEB
    https://osv.dev/vulnerability/CVE-2023-46407 WEB
    https://osv.dev/vulnerability/CVE-2023-47342 WEB
    https://osv.dev/vulnerability/CVE-2023-47470 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2017-14058 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2017-14225 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-10001 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-12458 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-12459 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-12460 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13300 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13301 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13302 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13303 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13304 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13305 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-14394 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-14395 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-15822 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999010 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999011 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999012 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999013 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999014 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999015 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-6912 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-7557 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-7751 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-7757 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-9841 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-1000016 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-11338 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-11339 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-12730 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-17539 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-17542 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-9718 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-9721 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-12284 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-13904 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-14212 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-20446 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-20450 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-20453 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-21041 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22015 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22019 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22021 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22037 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22038 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22042 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-24020 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-35964 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-35965 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-30123 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-33815 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-38114 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-38171 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-38291 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2022-3965 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2023-46407 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2023-47342 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2023-47470 WEB
    To clipboard 

    {
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "ffmpeg"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the ffmpeg package. Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-PS82605",
  "modified": "2026-02-03T13:35:45Z",
  "published": "2026-02-06T01:09:01.544353Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PS82605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14058"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14225"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-10001"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12458"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12459"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12460"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13300"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13301"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13302"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13303"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13304"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13305"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-14394"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-14395"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-15822"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999010"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999011"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999012"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999013"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999014"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999015"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-6912"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7751"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7757"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-9841"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-1000016"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-11338"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-11339"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-12730"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-17539"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-17542"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9718"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9721"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-12284"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13904"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-14212"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-20446"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-20450"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-20453"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-21041"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22015"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22019"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22021"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22037"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22038"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22042"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-24020"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-35964"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-35965"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-30123"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-33815"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-38114"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-38171"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-38291"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3965"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-46407"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-47342"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-47470"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14058"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14225"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10001"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12458"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12459"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12460"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13300"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13301"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13302"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13303"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13304"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13305"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14394"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14395"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15822"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999010"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999011"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999012"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999013"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999014"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999015"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6912"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7751"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7757"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9841"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1000016"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11338"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11339"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12730"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17539"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17542"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9718"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9721"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12284"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13904"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14212"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20446"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20450"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20453"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-21041"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22015"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22019"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22021"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22037"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22038"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22042"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24020"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35964"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35965"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30123"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33815"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38114"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38171"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38291"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3965"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46407"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47342"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47470"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ...",
  "upstream": [
    "CVE-2017-14058",
    "CVE-2017-14225",
    "CVE-2018-10001",
    "CVE-2018-12458",
    "CVE-2018-12459",
    "CVE-2018-12460",
    "CVE-2018-13300",
    "CVE-2018-13301",
    "CVE-2018-13302",
    "CVE-2018-13303",
    "CVE-2018-13304",
    "CVE-2018-13305",
    "CVE-2018-14394",
    "CVE-2018-14395",
    "CVE-2018-15822",
    "CVE-2018-1999010",
    "CVE-2018-1999011",
    "CVE-2018-1999012",
    "CVE-2018-1999013",
    "CVE-2018-1999014",
    "CVE-2018-1999015",
    "CVE-2018-6912",
    "CVE-2018-7557",
    "CVE-2018-7751",
    "CVE-2018-7757",
    "CVE-2018-9841",
    "CVE-2019-1000016",
    "CVE-2019-11338",
    "CVE-2019-11339",
    "CVE-2019-12730",
    "CVE-2019-17539",
    "CVE-2019-17542",
    "CVE-2019-9718",
    "CVE-2019-9721",
    "CVE-2020-12284",
    "CVE-2020-13904",
    "CVE-2020-14212",
    "CVE-2020-20446",
    "CVE-2020-20450",
    "CVE-2020-20453",
    "CVE-2020-21041",
    "CVE-2020-22015",
    "CVE-2020-22019",
    "CVE-2020-22021",
    "CVE-2020-22037",
    "CVE-2020-22038",
    "CVE-2020-22042",
    "CVE-2020-24020",
    "CVE-2020-35964",
    "CVE-2020-35965",
    "CVE-2021-30123",
    "CVE-2021-33815",
    "CVE-2021-38114",
    "CVE-2021-38171",
    "CVE-2021-38291",
    "CVE-2022-3965",
    "CVE-2023-46407",
    "CVE-2023-47342",
    "CVE-2023-47470"
  ]
}
    cleanstart-2026-xe32069
    Vulnerability from cleanstart
    Published
    2026-02-06 01:10
    Modified
    2026-02-03 13:35
    Summary
    Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ...
    Details

    Multiple security vulnerabilities affect the ffmpeg package. Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps. See references for individual vulnerability details.

    Severity
    9.8 (Critical)
    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    References
    https://github.com/cleanstart-dev/cleanstart-secu… ADVISORY
    https://osv.dev/vulnerability/CVE-2017-14058 WEB
    https://osv.dev/vulnerability/CVE-2017-14225 WEB
    https://osv.dev/vulnerability/CVE-2018-10001 WEB
    https://osv.dev/vulnerability/CVE-2018-12458 WEB
    https://osv.dev/vulnerability/CVE-2018-12459 WEB
    https://osv.dev/vulnerability/CVE-2018-12460 WEB
    https://osv.dev/vulnerability/CVE-2018-13300 WEB
    https://osv.dev/vulnerability/CVE-2018-13301 WEB
    https://osv.dev/vulnerability/CVE-2018-13302 WEB
    https://osv.dev/vulnerability/CVE-2018-13303 WEB
    https://osv.dev/vulnerability/CVE-2018-13304 WEB
    https://osv.dev/vulnerability/CVE-2018-13305 WEB
    https://osv.dev/vulnerability/CVE-2018-14394 WEB
    https://osv.dev/vulnerability/CVE-2018-14395 WEB
    https://osv.dev/vulnerability/CVE-2018-15822 WEB
    https://osv.dev/vulnerability/CVE-2018-1999010 WEB
    https://osv.dev/vulnerability/CVE-2018-1999011 WEB
    https://osv.dev/vulnerability/CVE-2018-1999012 WEB
    https://osv.dev/vulnerability/CVE-2018-1999013 WEB
    https://osv.dev/vulnerability/CVE-2018-1999014 WEB
    https://osv.dev/vulnerability/CVE-2018-1999015 WEB
    https://osv.dev/vulnerability/CVE-2018-6912 WEB
    https://osv.dev/vulnerability/CVE-2018-7557 WEB
    https://osv.dev/vulnerability/CVE-2018-7751 WEB
    https://osv.dev/vulnerability/CVE-2018-7757 WEB
    https://osv.dev/vulnerability/CVE-2018-9841 WEB
    https://osv.dev/vulnerability/CVE-2019-1000016 WEB
    https://osv.dev/vulnerability/CVE-2019-11338 WEB
    https://osv.dev/vulnerability/CVE-2019-11339 WEB
    https://osv.dev/vulnerability/CVE-2019-12730 WEB
    https://osv.dev/vulnerability/CVE-2019-17539 WEB
    https://osv.dev/vulnerability/CVE-2019-17542 WEB
    https://osv.dev/vulnerability/CVE-2019-9718 WEB
    https://osv.dev/vulnerability/CVE-2019-9721 WEB
    https://osv.dev/vulnerability/CVE-2020-12284 WEB
    https://osv.dev/vulnerability/CVE-2020-13904 WEB
    https://osv.dev/vulnerability/CVE-2020-14212 WEB
    https://osv.dev/vulnerability/CVE-2020-20446 WEB
    https://osv.dev/vulnerability/CVE-2020-20450 WEB
    https://osv.dev/vulnerability/CVE-2020-20453 WEB
    https://osv.dev/vulnerability/CVE-2020-21041 WEB
    https://osv.dev/vulnerability/CVE-2020-22015 WEB
    https://osv.dev/vulnerability/CVE-2020-22019 WEB
    https://osv.dev/vulnerability/CVE-2020-22021 WEB
    https://osv.dev/vulnerability/CVE-2020-22037 WEB
    https://osv.dev/vulnerability/CVE-2020-22038 WEB
    https://osv.dev/vulnerability/CVE-2020-22042 WEB
    https://osv.dev/vulnerability/CVE-2020-24020 WEB
    https://osv.dev/vulnerability/CVE-2020-35964 WEB
    https://osv.dev/vulnerability/CVE-2020-35965 WEB
    https://osv.dev/vulnerability/CVE-2021-30123 WEB
    https://osv.dev/vulnerability/CVE-2021-33815 WEB
    https://osv.dev/vulnerability/CVE-2021-38114 WEB
    https://osv.dev/vulnerability/CVE-2021-38171 WEB
    https://osv.dev/vulnerability/CVE-2021-38291 WEB
    https://osv.dev/vulnerability/CVE-2022-3965 WEB
    https://osv.dev/vulnerability/CVE-2023-46407 WEB
    https://osv.dev/vulnerability/CVE-2023-47342 WEB
    https://osv.dev/vulnerability/CVE-2023-47470 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2017-14058 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2017-14225 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-10001 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-12458 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-12459 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-12460 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13300 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13301 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13302 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13303 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13304 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-13305 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-14394 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-14395 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-15822 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999010 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999011 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999012 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999013 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999014 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-1999015 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-6912 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-7557 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-7751 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-7757 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2018-9841 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-1000016 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-11338 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-11339 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-12730 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-17539 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-17542 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-9718 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2019-9721 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-12284 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-13904 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-14212 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-20446 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-20450 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-20453 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-21041 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22015 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22019 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22021 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22037 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22038 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-22042 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-24020 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-35964 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2020-35965 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-30123 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-33815 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-38114 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-38171 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2021-38291 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2022-3965 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2023-46407 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2023-47342 WEB
    https://nvd.nist.gov/vuln/detail/CVE-2023-47470 WEB
    To clipboard 

    {
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "ffmpeg"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the ffmpeg package. Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-XE32069",
  "modified": "2026-02-03T13:35:45Z",
  "published": "2026-02-06T01:10:32.733224Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-XE32069.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14058"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-14225"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-10001"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12458"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12459"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-12460"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13300"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13301"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13302"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13303"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13304"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-13305"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-14394"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-14395"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-15822"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999010"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999011"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999012"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999013"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999014"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1999015"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-6912"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7751"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-7757"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-9841"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-1000016"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-11338"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-11339"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-12730"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-17539"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-17542"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9718"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-9721"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-12284"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13904"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-14212"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-20446"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-20450"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-20453"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-21041"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22015"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22019"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22021"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22037"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22038"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-22042"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-24020"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-35964"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-35965"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-30123"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-33815"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-38114"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-38171"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-38291"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3965"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-46407"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-47342"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-47470"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14058"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14225"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10001"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12458"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12459"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12460"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13300"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13301"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13302"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13303"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13304"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13305"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14394"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14395"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15822"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999010"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999011"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999012"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999013"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999014"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1999015"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6912"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7751"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7757"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9841"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1000016"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11338"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11339"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12730"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17539"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17542"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9718"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9721"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12284"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13904"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14212"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20446"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20450"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20453"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-21041"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22015"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22019"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22021"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22037"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22038"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22042"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24020"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35964"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35965"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30123"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33815"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38114"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38171"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38291"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3965"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46407"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47342"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47470"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ...",
  "upstream": [
    "CVE-2017-14058",
    "CVE-2017-14225",
    "CVE-2018-10001",
    "CVE-2018-12458",
    "CVE-2018-12459",
    "CVE-2018-12460",
    "CVE-2018-13300",
    "CVE-2018-13301",
    "CVE-2018-13302",
    "CVE-2018-13303",
    "CVE-2018-13304",
    "CVE-2018-13305",
    "CVE-2018-14394",
    "CVE-2018-14395",
    "CVE-2018-15822",
    "CVE-2018-1999010",
    "CVE-2018-1999011",
    "CVE-2018-1999012",
    "CVE-2018-1999013",
    "CVE-2018-1999014",
    "CVE-2018-1999015",
    "CVE-2018-6912",
    "CVE-2018-7557",
    "CVE-2018-7751",
    "CVE-2018-7757",
    "CVE-2018-9841",
    "CVE-2019-1000016",
    "CVE-2019-11338",
    "CVE-2019-11339",
    "CVE-2019-12730",
    "CVE-2019-17539",
    "CVE-2019-17542",
    "CVE-2019-9718",
    "CVE-2019-9721",
    "CVE-2020-12284",
    "CVE-2020-13904",
    "CVE-2020-14212",
    "CVE-2020-20446",
    "CVE-2020-20450",
    "CVE-2020-20453",
    "CVE-2020-21041",
    "CVE-2020-22015",
    "CVE-2020-22019",
    "CVE-2020-22021",
    "CVE-2020-22037",
    "CVE-2020-22038",
    "CVE-2020-22042",
    "CVE-2020-24020",
    "CVE-2020-35964",
    "CVE-2020-35965",
    "CVE-2021-30123",
    "CVE-2021-33815",
    "CVE-2021-38114",
    "CVE-2021-38171",
    "CVE-2021-38291",
    "CVE-2022-3965",
    "CVE-2023-46407",
    "CVE-2023-47342",
    "CVE-2023-47470"
  ]
}

    GSD-2023-47342

    Vulnerability from gsd - Updated: 2023-12-13 01:20
    Details
    ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
    Aliases
    Aliases
    CVE-2023-47342
    To clipboard 

    {
  "GSD": {
    "alias": "CVE-2023-47342",
    "id": "GSD-2023-47342"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-47342"
      ],
      "id": "GSD-2023-47342",
      "modified": "2023-12-13T01:20:51.805280Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2023-47342",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

    WID-SEC-W-2023-2887

    Vulnerability from csaf_certbund - Published: 2023-11-14 23:00 - Updated: 2024-05-02 22:00
    Summary
    ffmpeg: Mehrere Schwachstellen ermöglichen Denial of Service
    Severity
    Mittel
    Notes
    Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
    Produktbeschreibung: Das FFmpeg-Projekt besteht aus freien Programmen und Bibliotheken, die es ermöglichen, digitales Video- und Audiomaterial aufzunehmen, zu konvertieren, zu streamen und abzuspielen. Zudem enthält es mit libavcodec eine Audio- und Video-Codec-Sammlung, die verschiedene Codecs zur Verfügung stellt.
    Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in ffmpeg ausnutzen, um einen Denial of Service Angriff durchzuführen.
    Betroffene Betriebssysteme: - Linux - MacOS X - Windows
    CVE-2023-47342

    Es bestehen mehrere Schwachstellen in ffmpeg. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

    CVE-2023-47343

    Es bestehen mehrere Schwachstellen in ffmpeg. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

    CVE-2023-47344

    Es bestehen mehrere Schwachstellen in ffmpeg. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

    References
    To clipboard 

    {
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das FFmpeg-Projekt besteht aus freien Programmen und Bibliotheken, die es erm\u00f6glichen, digitales Video- und Audiomaterial aufzunehmen, zu konvertieren, zu streamen und abzuspielen. Zudem enth\u00e4lt es mit libavcodec eine Audio- und Video-Codec-Sammlung, die verschiedene Codecs zur Verf\u00fcgung stellt.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in ffmpeg ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2887 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2887.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2887 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2887"
      },
      {
        "category": "external",
        "summary": "FFmpeg Security vom 2023-11-14",
        "url": "https://ffmpeg.org/security.html"
      }
    ],
    "source_lang": "en-US",
    "title": "ffmpeg: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2024-05-02T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:01:28.372+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-2887",
      "initial_release_date": "2023-11-14T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-11-14T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-05-02T22:00:00.000+00:00",
          "number": "2",
          "summary": "CVE erg\u00e4nzt"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c6.1",
                "product": {
                  "name": "Open Source ffmpeg \u003c6.1",
                  "product_id": "T031104"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.0.1",
                "product": {
                  "name": "Open Source ffmpeg \u003c6.0.1",
                  "product_id": "T031105"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.1.4",
                "product": {
                  "name": "Open Source ffmpeg \u003c5.1.4",
                  "product_id": "T031106"
                }
              }
            ],
            "category": "product_name",
            "name": "ffmpeg"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-47342",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in ffmpeg. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "release_date": "2023-11-14T23:00:00.000+00:00",
      "title": "CVE-2023-47342"
    },
    {
      "cve": "CVE-2023-47343",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in ffmpeg. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "release_date": "2023-11-14T23:00:00.000+00:00",
      "title": "CVE-2023-47343"
    },
    {
      "cve": "CVE-2023-47344",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in ffmpeg. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "release_date": "2023-11-14T23:00:00.000+00:00",
      "title": "CVE-2023-47344"
    }
  ]
}