Описание
An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) Null pointer dereference vulnerability in the dump() method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check the return value of avfilter_graph_dump() for NULL, leading to a crash if the underlying memory allocation fails.
Ссылки
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:meh.schizofreni:rust-ffmpeg:0.3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00069
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-476
Связанные уязвимости
CVSS3: 5.3
github
5 месяцев назад
An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) Null pointer dereference vulnerability in the dump() method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check the return value of avfilter_graph_dump() for NULL, leading to a crash if the underlying memory allocation fails.
EPSS
Процентиль: 21%
0.00069
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-476