CVE-2025-1373

Medium CVSS: 4.8

A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The patch is identified as 43be8d07281caca2e88bfd8ee2333633e1fb1a13. It is recommended to apply a patch to fix this issue.

Vendor

Ffmpeg

Product

Ffmpeg

CWE

CWE-404

Yayın Tarihi

2025-02-17 04:15:08

Güncelleme

2025-06-03 17:53:41

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-404 Ffmpeg MEDIUM Ffmpeg 2025

Referanslar

https://ffmpeg.org/ https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/43be8d07281caca2e88bfd8ee2333633e1fb1a13 https://trac.ffmpeg.org/attachment/ticket/11460/poc https://trac.ffmpeg.org/ticket/11460 https://vuldb.com/?ctiid.295982 https://vuldb.com/?id.295982 https://vuldb.com/?submit.496930

Benzer Kayıtlar

Medium

CVE-2025-69693

Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c). The quantization parameter (qp) va…

Medium

CVE-2025-10256

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a…

Low

CVE-2025-12343

A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file. The issue occurs in…

High

CVE-2025-63757

Integer overflow vulnerability in the yuv2ya16_X_c_template function in libswscale/output.c in FFmpeg 8.0.

Medium

CVE-2024-55069

ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c.

Medium

CVE-2025-1594

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_searc…