exploitDog

CVE-2025-57615

Опубликовано: 02 сент. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to c_int, which can result in a negative value being passed to the underlying C function sws_allocVec().

Ссылки

https://github.com/meh/rust-ffmpeg/issues/192
Exploit
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:meh.schizofreni:rust-ffmpeg:0.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 32%

0.00124

Низкий

7.5 High

CVSS3

Дефекты

CWE-476

Связанные уязвимости

GHSA-wv74-xf96-v6rg

CVSS3: 7.5

github

5 месяцев назад

An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to c_int, which can result in a negative value being passed to the underlying C function sws_allocVec().

EPSS

Процентиль: 32%

0.00124

Низкий

7.5 High

CVSS3

Дефекты

CWE-476