[Git][security-tracker-team/security-tracker][master] Add CVE-2025-22920/ffmpeg
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 25 19:44:12 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7c00a814 by Salvatore Bonaccorso at 2025-02-25T20:43:54+01:00
Add CVE-2025-22920/ffmpeg
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1117,7 +1117,10 @@ CVE-2025-22921 (FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain
NOTE: https://trac.ffmpeg.org/ticket/11393
NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7f9c7f9849a2155224711f0ff57ecdac6e4bfb57q
CVE-2025-22920 (A heap buffer overflow vulnerability in FFmpeg before commit 4bf784c a ...)
- TODO: check
+ - ffmpeg <not-affected> (Vulnerable code introduce later)
+ NOTE: https://trac.ffmpeg.org/ticket/11389
+ NOTE: Introduced with: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/545de54e3e0ce5ad1285aa5e111e6657ad803f79
+ NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/4bf784c0e5615c3f934e677d5de093a8be7da7ae
CVE-2025-22919 (A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 ...)
TODO: check
CVE-2025-22888 (Movable Type contains a stored cross-site scripting vulnerability in t ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c00a8149cb7f166f1519d3a03406dbbb3b9696b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c00a8149cb7f166f1519d3a03406dbbb3b9696b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250225/5f3971f6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list