VDB
CVE-2017-15186
CVE-2017-15186
PUBLISHED
Reported by mitre · Published October 24, 2017
Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote attackers to cause a denial of service via a crafted AVI file.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
| alpine | ffmpeg | 0, 0, 0 |
Timeline
- Oct 24, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- May 17, 2022 CVE Updated
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- [oss-security] 20171020 [CVE-2017-15186]: ffmpeg: Double free when ffmpeg parsing an craft AVI file to MKV file using ffvhuff decoder mailing-listx_refsource_MLIST
- 101518 vdb-entryx_refsource_BID
- DSA-4049 vendor-advisoryx_refsource_DEBIAN