CVE-2020-36138

An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS).
Configurations

Configuration 1 (hide)

cpe:2.3:a:ffmpeg:ffmpeg:4.3:*:*:*:*:*:*:*

History

16 Aug 2023, 15:20

Type Values Removed Values Added
CWE CWE-476
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CPE cpe:2.3:a:ffmpeg:ffmpeg:4.3:*:*:*:*:*:*:*
References (MISC) https://lists.ffmpeg.org/pipermail/ffmpeg-devel/2020-November/272001.html - (MISC) https://lists.ffmpeg.org/pipermail/ffmpeg-devel/2020-November/272001.html - Patch
References (MISC) https://github.com/FFmpeg/FFmpeg/commit/292e41ce650a7b5ca5de4ae87fff0d6a90d9fc97 - (MISC) https://github.com/FFmpeg/FFmpeg/commit/292e41ce650a7b5ca5de4ae87fff0d6a90d9fc97 - Patch
References (MISC) https://trac.ffmpeg.org/ticket/8960 - (MISC) https://trac.ffmpeg.org/ticket/8960 - Patch

11 Aug 2023, 15:18

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-11 14:15

Updated : 2024-02-05 00:01


NVD link : CVE-2020-36138

Mitre link : CVE-2020-36138

CVE.ORG link : CVE-2020-36138


JSON object : View

Products Affected

ffmpeg

  • ffmpeg
CWE
CWE-476

NULL Pointer Dereference