0.002 Low
EPSS
Percentile
59.8%
FFmpeg is vulnerable to denial of service. An attacker is able to hog the CPU via a malicious video file in Matroska format as the handle_open_brace function in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
handle_open_brace
libavcodec/htmlsubtitles.c
www.securityfocus.com/bid/107384
git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65
github.com/FFmpeg/FFmpeg/commit/273f2755ce8635d42da3cde0eeba15b2e7842774
usn.ubuntu.com/3967-1/