| Max CVSS | 7.1 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-14058 | 4.3 |
In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop).
|
29-12-2020 - 21:15 | 31-08-2017 - 15:29 | |
| CVE-2018-1999012 | 7.1 |
FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM. Th
|
03-10-2019 - 00:03 | 23-07-2018 - 15:29 | |
| CVE-2018-6392 | 4.3 |
The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file.
|
31-03-2019 - 02:29 | 29-01-2018 - 19:29 | |
| CVE-2015-1872 | 6.8 |
The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) o
|
31-03-2019 - 02:29 | 26-07-2015 - 22:59 | |
| CVE-2017-1000460 | 4.3 |
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exceptio
|
31-03-2019 - 02:29 | 03-01-2018 - 20:29 |