Опубликовано: 21 авг. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8
Описание
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 7:3.4.11-0ubuntu0.1 |
| devel | not-affected | 7:4.4.1-3ubuntu2 |
| esm-apps/bionic | released | 7:3.4.11-0ubuntu0.1 |
| esm-apps/focal | released | 7:4.2.7-0ubuntu0.1 |
| esm-apps/jammy | not-affected | 7:4.4.1-3ubuntu2 |
| esm-apps/xenial | released | 7:2.8.17-0ubuntu0.1+esm4 |
| esm-infra-legacy/trusty | DNE | |
| focal | released | 7:4.2.7-0ubuntu0.1 |
| hirsute | ignored | end of life |
| impish | released | 7:4.4.2-0ubuntu0.21.10.1 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 43%
0.0021
Низкий
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 4 лет назад
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.
CVSS3: 9.8
debian
больше 4 лет назад
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not ...
EPSS
Процентиль: 43%
0.0021
Низкий
7.5 High
CVSS2
9.8 Critical
CVSS3