CVE-2025-8585

Опубликовано: 05 авг. 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 5.3

Описание

A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The bug was initially reported by the researcher to the wrong project. This vulnerability only affects products that are no longer supported by the maintainer.

Релиз	Статус	Примечание
devel	not-affected	code not present
esm-apps/bionic	not-affected	code not present
esm-apps/focal	not-affected	code not present
esm-apps/jammy	not-affected	code not present
esm-apps/noble	not-affected	code not present
esm-apps/xenial	not-affected	code not present
jammy	not-affected	code not present
noble	not-affected	code not present
plucky	not-affected	code not present
questing	not-affected	code not present

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	needed
jammy	DNE
noble	DNE
plucky	DNE
questing	DNE
upstream	needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 10%

0.00036

Низкий

4.3 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2025-8585

CVSS3: 5.3

nvd

2 месяца назад

CVE-2025-8585

CVSS3: 5.3

debian

2 месяца назад

A vulnerability, which was classified as critical, has been found in l ...

GHSA-328q-vg6x-8ppv

CVSS3: 5.3

github

2 месяца назад

EPSS

Процентиль: 10%

0.00036

Низкий

4.3 Medium

CVSS2

5.3 Medium

CVSS3

CVE-2025-8585

Описание

Пакет ffmpeg

Пакет libav

Ссылки на источники

Связанные уязвимости