Описание
An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Patch
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Patch
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
Конфигурация 2Версия до 5.0.3 (исключая)
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00181
Низкий
7.5 High
CVSS3
Дефекты
CWE-476
CWE-476
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 3 лет назад
An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
CVSS3: 7.5
debian
около 3 лет назад
An issue was discovered in the FFmpeg package, where vp3_decode_frame ...
CVSS3: 7.5
github
около 3 лет назад
An issue was discovered in the FFmpeg through 3.0. vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause the null pointer dereference, impacting confidentiality and availability.
EPSS
Процентиль: 40%
0.00181
Низкий
7.5 High
CVSS3
Дефекты
CWE-476
CWE-476