CVE-2019-15942

Опубликовано: 05 сент. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html
Broken Link
https://security.gentoo.org/glsa/202007-58
Third Party Advisory
https://trac.ffmpeg.org/ticket/8093
Exploit
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html
Broken Link
https://security.gentoo.org/glsa/202007-58
Third Party Advisory
https://trac.ffmpeg.org/ticket/8093
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*

Версия до 4.2 (включая)

EPSS

Процентиль: 65%

0.005

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-252

Связанные уязвимости

CVE-2019-15942

CVSS3: 8.8

ubuntu

больше 6 лет назад

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.

CVE-2019-15942

CVSS3: 8.8

redhat

почти 6 лет назад

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.

CVE-2019-15942

CVSS3: 8.8

debian

больше 6 лет назад

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitia ...

GHSA-8pcj-qprc-8gf2

CVSS3: 8.8

github

больше 3 лет назад

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.

openSUSE-SU-2020:0024-1

suse-cvrf

около 6 лет назад

Security update for ffmpeg-4

EPSS

Процентиль: 65%

0.005

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-252