DEBIAN-CVE-2025-0518

DEBIAN-CVE-2025-0518 PUBLISHED CVSS 5.300000190734863 MEDIUM

Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C . This issue affects FFmpeg: 7.1. Issue was fixed: https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a This issue was discovered by: Simcha Kosman

Risk Scores

CVSS 3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:14	ffmpeg	0, 0
Debian:13	ffmpeg	0, 0
Debian:12	ffmpeg	7:5.1.5-0+deb12u1, 7:5.1.6-0+deb12u1, *
Debian:11	ffmpeg	4.3.4-0, 4.3.5-0, 4.3.6-0

Timeline

Jan 16, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-0518 advisory

Open in Interactive Console →