VDB
CVE-2025-1816
CVE-2025-1816
PUBLISHED
Das FFmpeg-Projekt besteht aus freien Programmen und Bibliotheken, die es ermöglichen, digitales Video- und Audiomaterial aufzunehmen, zu konvertieren, zu streamen und abzuspielen. Zudem enthält es mit libavcodec eine Audio- und Video-Codec-Sammlung, die verschiedene Codecs zur Verfügung stellt.
EPSS 0.09% · 25.2th percentile
Risk Scores
EPSS Score
0.09%
25.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Ubuntu Linux | |
| Open Source | Open Source ffmpeg <0526535cd58444dd264e810b2f3348b4d96cff3b |
Exploit Intelligence
- CIRCL seen: CVE-2025-1816 (circl-sighting)
- CIRCL seen: CVE-2025-1816 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2025-1816 (circl-sighting)
- VDB-298089 | FFmpeg IAMF File iamf_parse.c audio_element_obu memory leak (circl)
- VDB-298089 | CTI Indicators (IOB, IOC, TTP, IOA) (circl)
- Submit #506575 | FFmpeg git master Memory Leak (circl)
- https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/0526535cd58444dd264e810b2f3348b4d96cff3b (circl)
- https://ffmpeg.org/ (circl)
- https://trac.ffmpeg.org/ticket/11475 (cve.org)
- https://trac.ffmpeg.org/attachment/ticket/11475/poc (cve.org)
Timeline
- Mar 2, 2025 CVE Published
- Mar 2, 2025 PoC Published
- Mar 2, 2025 PoC Published
- Mar 2, 2025 PoC Published
- Mar 3, 2025 EPSS Score
- Mar 7, 2025 Coalition ESS Score
- Mar 17, 2025 EPSS Score
- Mar 31, 2025 EPSS Score
- Apr 14, 2025 EPSS Score
- Apr 28, 2025 EPSS Score
- May 11, 2025 EPSS Score
- May 25, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0468.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0468 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2349257 advisory
- https://github.com/advisories/GHSA-77wf-7c6r-cx8j advisory
- https://ubuntu.com/security/notices/USN-7538-1 advisory