VDB
ALPINE-CVE-2016-10192
ALPINE-CVE-2016-10192
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.
Risk Scores
CVSS 3.0
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.3 | ffmpeg | 0.10-r0, 0.10-r1, 0.10-r2 |
| Alpine:v3.4 | ffmpeg | 2.0.2-r0, 2.1-r0, 2.1.1-r0 |
Timeline
- Feb 9, 2017 CVE Published
- Nov 19, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch