Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2019-12730

Published: 04/06/2019 Updated: 24/08/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Ffmpeg

Vulnerability Summary

aa_read_header in libavformat/aadec.c in FFmpeg prior to 3.2.14 and 4.x prior to 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ffmpeg ffmpeg

Vendor Advisories

Debian CVElist Bug Report Logs: ffmpeg: CVE-2019-12730
Debian Bug report logs - #932469 ffmpeg: CVE-2019-12730 Package: src:ffmpeg; Maintainer for src:ffmpeg is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 19 Jul 2019 19:45:02 UTC Severity: important Tags: fixed-upstream, security, up ...
Debian Security Advisories: DSA-4502-1 ffmpeg -- security update
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed For the stable distribution (buster), this problem has been fixed in version 7:414-1~deb10u1 We recommend that you upgrade your ffmpeg pa ...

Github Repositories

https://github.com/iLifetruth/FFmpegSecurity

Multimedia Communication

FFmpegSecurity Multimedia Communication 1 CVE-2019-12730

https://github.com/homoluctus/ecranner

Scan the vulnerability of Docker images stored in ECR

ECRanner This is that scan the vulnerability of Docker images stored in ECR Table of contents Feature Get Started Install Prerequirements Install ECRanner Write ecranneryml Execute Command options Configuration Parameter v10 Feature Pull Docker Image From ECR Support multi account Vulnerability Scan Trivy detects software (OS package and application library) vul

References

CWE-908https://github.com/FFmpeg/FFmpeg/compare/a97ea53...ba11e40https://github.com/FFmpeg/FFmpeg/commit/ed188f6dcdf0935c939ed813cf8745d50742014bhttps://git.ffmpeg.org/gitweb/ffmpeg.git/commit/9b4004c054964a49c7ba44583f4cee22486dd8f2https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.1.4http://www.securityfocus.com/bid/109317https://seclists.org/bugtraq/2019/Aug/30https://www.debian.org/security/2019/dsa-4502https://security.gentoo.org/glsa/202003-65https://usn.ubuntu.com/4431-1/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932469https://nvd.nist.govhttps://github.com/iLifetruth/FFmpegSecurityhttps://www.debian.org/security/2019/dsa-4502
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook