PT-2021-10657 · FFmpeg · Ffmpeg

Published

2021-08-10

Updated

2021-08-11

CVE-2020-21690

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions: FFmpeg version 4.2

Description: A memory leak in the grow array function in cmdutils.c of FFmpeg allows attackers to cause a denial of service via a crafted ogg file.

Recommendations: For FFmpeg version 4.2, consider updating to a newer version to mitigate the risk of denial of service attacks. As a temporary workaround, consider restricting the processing of crafted ogg files to minimize the risk of exploitation.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-21690

Affected Products

Ffmpeg

PT-2021-10657 · FFmpeg · Ffmpeg

CVE-2020-21690

Related Identifiers

Affected Products

References · 7