Lucene search
GoogleOSV:CVE-2019-11338HistoryApr 19, 2019 - 12:29 a.m.
CVE-2019-11338
2019-04-1900:29:00
Google
osv.dev
11
libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ffmpeg.git | eq | n2.4-de | |
| ffmpeg.git | eq | n2.2-de | |
| ffmpeg.git | eq | n3.5-de | |
| ffmpeg.git | eq | n0.11-de | |
| ffmpeg.git | eq | n4.2-de | |
| ffmpeg.git | eq | n2.3-de | |
| ffmpeg.git | eq | n3.4.4 | |
| ffmpeg.git | eq | n2.5-de | |
| ffmpeg.git | eq | n3.4.5 | |
| ffmpeg.git | eq | n3.4.3 |
References
lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html
www.securityfocus.com/bid/108034
github.com/FFmpeg/FFmpeg/commit/54655623a82632e7624714d7b2a3e039dc5faa7e
github.com/FFmpeg/FFmpeg/commit/9ccc633068c6fe76989f487c8932bd11886ad65b
lists.debian.org/debian-lts-announce/2019/05/msg00043.html
seclists.org/bugtraq/2019/May/60
usn.ubuntu.com/3967-1/
usn.ubuntu.com/4431-1/
www.debian.org/security/2019/dsa-4449
Related
openvas
openvas
FFmpeg <= 4.1.2 Denial of Service (DoS) Vulnerability
2019-04-24 00:00:00
Debian: Security Advisory (DLA-1809-1)
2019-06-01 00:00:00
openSUSE: Security Advisory for ffmpeg-4 (openSUSE-SU-2020:0024-1)
2020-01-14 00:00:00
cve
cve
CVE-2019-11338
2019-04-19 00:29:00
alpinelinux
alpinelinux
CVE-2019-11338
2019-04-19 00:29:00
prion
prion
Null pointer dereference
2019-04-19 00:29:00
nvd
nvd
CVE-2019-11338
2019-04-19 00:29:00
debiancve
debiancve
CVE-2019-11338
2019-04-19 00:29:00
cvelist
cvelist
CVE-2019-11338
2019-04-18 23:52:00
ubuntucve
ubuntucve
CVE-2019-11338
2019-04-18 00:00:00
osv
osv
libav - security update
2019-05-29 00:00:00
ffmpeg - security update
2019-05-22 00:00:00
nessus
nessus
Debian DLA-1809-1 : libav security update
2019-05-30 00:00:00
Debian DSA-4449-1 : ffmpeg - security update
2019-05-23 00:00:00
openSUSE Security Update : ffmpeg-4 (openSUSE-2020-24)
2020-01-15 00:00:00
debian
debian
[SECURITY] [DLA 1809-1] libav security update
2019-05-29 07:53:33
[SECURITY] [DSA 4449-1] ffmpeg security update
2019-05-22 21:37:58
cloudfoundry
cloudfoundry
USN-3967-1: FFmpeg vulnerabilities | Cloud Foundry
2019-05-20 00:00:00
USN-4431-1: FFmpeg vulnerabilities | Cloud Foundry
2020-08-27 00:00:00
ubuntu
ubuntu
FFmpeg vulnerabilities
2019-05-06 00:00:00
FFmpeg vulnerabilities
2020-07-22 00:00:00
suse
suse
Security update for ffmpeg-4 (moderate)
2020-01-14 00:00:00