CVE-2023-6603

Опубликовано: 31 дек. 2024

Источник: debian

EPSS Низкий

Описание

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ffmpeg	fixed	7:5.0.1-2		package
ffmpeg	postponed		bullseye	package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=2334335
Fixed by: https://github.com/FFmpeg/FFmpeg/commit/28c83584e8f3cd747c1476a74cc2841d3d1fa7f3 (n5.0)

EPSS

Процентиль: 48%

0.00245

Низкий

Связанные уязвимости

CVE-2023-6603

CVSS3: 7.5

ubuntu

11 месяцев назад

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.

CVE-2023-6603

CVSS3: 7.5

nvd

11 месяцев назад

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.

GHSA-gxvx-w63c-jprw

CVSS3: 7.5

github

11 месяцев назад

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.

BDU:2025-14437

CVSS3: 7.5

fstec

11 месяцев назад

Уязвимость мультимедийной библиотеки FFmpeg, связанная с разыменованием указателя NULL, позволяющая нарушителю вызвать отказ в обслуживании

ROS-20251110-01

CVSS3: 7.5

redos

21 день назад

Множественные уязвимости ffmpeg

EPSS

Процентиль: 48%

0.00245

Низкий