Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

71 – 80 of 479 results


CVE-2020-20896

Medium priority
Needs evaluation

An issue was discovered in function latm_write_packet in libavformat/latmenc.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a Null pointer dereference.

3 affected packages

ffmpeg, qtwebengine-opensource-src, vice

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-20892

Medium priority

Some fixes available 1 of 22

An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero.

3 affected packages

ffmpeg, qtwebengine-opensource-src, vice

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Fixed
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-20891

Medium priority
Needs evaluation

Buffer Overflow vulnerability in function config_input in libavfilter/vf_gblur.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

3 affected packages

ffmpeg, qtwebengine-opensource-src, vice

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-38171

Medium priority

Some fixes available 4 of 5

adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Fixed Fixed Fixed
Show less packages

CVE-2021-38291

Medium priority

Some fixes available 4 of 5

FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-21697

Medium priority

Some fixes available 3 of 25

A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file.

3 affected packages

ffmpeg, qtwebengine-opensource-src, vice

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Fixed Fixed Fixed
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-21688

Medium priority

Some fixes available 3 of 25

A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code.

3 affected packages

ffmpeg, qtwebengine-opensource-src, vice

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Fixed Fixed Fixed
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-3566

Medium priority
Fixed

Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of...

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2021-38114

Medium priority

Some fixes available 4 of 5

libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Fixed Fixed Fixed
Show less packages

CVE-2021-33815

Medium priority
Ignored

dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected
Show less packages