CVE-2023-46407

Опубликовано: 27 окт. 2023

Источник: debian

Описание

FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.

Пакет	Статус	Версия исправления	Релиз	Тип
ffmpeg	not-affected			package

Introduced by: https://github.com/FFmpeg/FFmpeg/commit/f7ac3512f5b5cb8eb149f37300b43461d8e93af3
Fixed by: https://github.com/FFmpeg/FFmpeg/commit/bf814387f42e9b0dea9d75c03db4723c88e7d962
https://patchwork.ffmpeg.org/project/ffmpeg/patch/20231015004924.597746-1-leo.izen%40gmail.com/
https://patchwork.ffmpeg.org/project/ffmpeg/patch/20231013014959.536776-1-leo.izen%40gmail.com/

CVE-2023-46407

CVSS3: 5.5

ubuntu

больше 2 лет назад

FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.

CVE-2023-46407

CVSS3: 5.5

nvd

больше 2 лет назад

FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.

GHSA-9j42-4j78-g4mh

CVSS3: 5.5

github

больше 2 лет назад

FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.