VDB
GCVE-110-MAGEIA-2021-495
GCVE-110-MAGEIA-2021-495
Advisory Published
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c,
which allows a remote malicious user to cause a Denial of Service.
(CVE-2020-20446)
FFmpeg 4.2 is affected by null pointer dereference passed as argument to
libavformat/aviobuf.c, which could cause a Denial of Service.
(CVE-2020-20450)
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder,
which allows a remote malicious user to cause a Denial of Service.
(CVE-2020-20453)
Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend
in libavcodec/pngenc.c, which could let a remote malicious user cause a
Denial of Service. (CVE-2020-21041)
Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to
the out of bounds in libavformat/movenc.c, which could let a remote
malicious user obtain sensitive information, cause a Denial of Service, or
execute arbitrary code. (CVE-2020-22015)
Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in
libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause
a Denial of Service. (CVE-2020-22019)
Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in
libavfilter/vf_yadif.c, which could let a remote malicious user cause a
Denial of Service. (CVE-2020-22021)
A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at
libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote
malicious user cause a Denial of Service. (CVE-2020-22033)
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak
in avcodec_alloc_context3 at options.c. (CVE-2020-22037)
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak
in the ff_v4l2_m2m_create_context function in v4l2_m2m.c. (CVE-2020-22038)
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak
is affected by: memory leak in the link_filter_inouts function in
libavfilter/graphparser.c. (CVE-2020-22042)
libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the
init_vlc function, a similar issue to CVE-2013-0868. (CVE-2021-38114)
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check
the init_get_bits return value, which is a necessary step because the second
argument to init_get_bits can be crafted. (CVE-2021-38171)
FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers
from a an assertion failure at src/libavutil/mathematics.c. (CVE-2021-38291)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | ffmpeg | 0 (affected), 4.3.3-3.mga8 (unaffected), 0 (affected), 4.3.3-3.mga8.tainted (unaffected) | — |
References
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.