exploitDog

CVE-2025-57612

Опубликовано: 02 сент. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) Null pointer dereference vulnerability in the name() method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check for a NULL return value from the av_get_sample_fmt_name() C function, which can be triggered by providing an unrecognized sample format.

Ссылки

https://github.com/meh/rust-ffmpeg/issues/192
Exploit
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:meh.schizofreni:rust-ffmpeg:0.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00171

Низкий

7.5 High

CVSS3

Дефекты

CWE-476

Связанные уязвимости

GHSA-r5mw-v3mq-jrvm

CVSS3: 7.5

github

5 месяцев назад

An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) Null pointer dereference vulnerability in the name() method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check for a NULL return value from the av_get_sample_fmt_name() C function, which can be triggered by providing an unrecognized sample format.

EPSS

Процентиль: 39%

0.00171

Низкий

7.5 High

CVSS3

Дефекты

CWE-476