ffmpeg (SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS package ffmpeg, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (20)
CVE-2024-35368 — CVSS 9.8 (critical): FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c.
CVE-2020-20898 — CVSS 8.8 (high): Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a…
CVE-2023-49502 — CVSS 8.8 (high): Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the…
CVE-2021-38090 — CVSS 8.8 (high): Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a…
CVE-2021-38091 — CVSS 8.8 (high): Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a…
CVE-2021-38094 — CVSS 8.8 (high): Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial…
CVE-2024-35365 — CVSS 8.8 (high): FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the…
CVE-2022-48434 — CVSS 8.1 (high): libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which…
CVE-2023-51794 — CVSS 7.8 (high): Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the…
CVE-2023-50010 — CVSS 7.8 (high): FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id…
CVE-2023-51793 — CVSS 7.8 (high): Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the…
CVE-2024-31578 — CVSS 7.5 (high): FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
CVE-2025-22919 — CVSS 6.5 (medium): A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a…
CVE-2025-22921 — CVSS 6.5 (medium): FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c.
CVE-2024-36613 — CVSS 6.2 (medium): FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in…
CVE-2025-7700 — CVSS 5.3 (medium): A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the…
CVE-2025-0518 — CVSS 5.3 (medium): Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability…
CVE-2020-20901: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22022. Reason: This candidate is a duplicate of CVE-2020-22022…
CVE-2020-20900: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22032. Reason: This candidate is a duplicate of CVE-2020-22032…
CVE-2020-20894: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22025. Reason: This candidate is a duplicate of CVE-2020-22025…