0.002 Low
EPSS
Percentile
58.8%
FFmpeg is vulnerable to denial of service (DoS) attacks. A malicious user can pass a MXF file without an End of File (EoF) terminator to the application to cause a big loop that would consume large amounts of CPU resources.
www.debian.org/security/2017/dsa-3996
www.securityfocus.com/bid/100700
github.com/FFmpeg/FFmpeg/commit/900f39692ca0337a98a7cf047e4e2611071810c2
github.com/FFmpeg/FFmpeg/commit/f173cdfe669556aa92857adafe60cbe5f2aa1210
lists.debian.org/debian-lts-announce/2019/01/msg00006.html