CVE-2025-57615

Name of the Vulnerable Software and Affected Versions rust-ffmpeg version 0.3.0 (after commit 5ac0527)

Description An integer overflow vulnerability exists in the Vector::new constructor function. This can lead to a denial of service through a null pointer dereference. The issue arises from an unchecked cast of a usize parameter to c int, potentially resulting in a negative value being passed to the sws allocVec() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.