CVE-2020-14212

CVE-2020-14212

EPSS 1.7%

FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://patchwork.ffmpeg.org/project/ffmpeg/list/?series=1463 https://security.gentoo.org/glsa/202007-58 https://trac.ffmpeg.org/ticket/8716