Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

FFmpeg <= 4.1 Multiple Vulnerabilities

Information

Severity

Severity

Medium

Family

Family

Denial of Service

CVSSv2 Base

CVSSv2 Base

4.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

5 years ago

Modified

Modified

5 years ago

Summary

FFmpeg is prone to multiple vulnerabilities.

Insight

Insight

A vulnerability in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format: - because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf - because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf

Affected Software

Affected Software

FFmpeg through version 4.1.0.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Update to version 4.1.1.

Common Vulnerabilities and Exposures (CVE)