exploitDog

CVE-2025-57613

Опубликовано: 02 сент. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) A null pointer dereference vulnerability in the input() constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avio_alloc_context() call fails and returns NULL, which is then stored and later dereferenced by the Io struct's Drop implementation.

Ссылки

https://github.com/meh/rust-ffmpeg/issues/192
Exploit
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:meh.schizofreni:rust-ffmpeg:0.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 32%

0.00124

Низкий

7.5 High

CVSS3

Дефекты

CWE-476

Связанные уязвимости

GHSA-r9rp-xj5x-xhgh

CVSS3: 7.5

github

5 месяцев назад

An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) A null pointer dereference vulnerability in the input() constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avio_alloc_context() call fails and returns NULL, which is then stored and later dereferenced by the Io struct's Drop implementation.

EPSS

Процентиль: 32%

0.00124

Низкий

7.5 High

CVSS3

Дефекты

CWE-476