CNNVD-202510-829 Information

CNNVD ID

CNNVD-202510-829

Related CVE

CVE-2025-59730

• CNNVD Published: 2025-10-06

Description (Chinese)

FFmpeg是FFmpeg团队的一套可录制、转换以及流化音视频的完整解决方案。 FFmpeg 8.0之前版本存在安全漏洞，该漏洞源于解码帧时未检查解码数据是否超出分配缓冲区，可能导致堆缓冲区溢出。

Description (English)

FFmpeg is a complete set of records, conversions and fluidizations for the FFmpeg team. There was a security loophole in the previous version of FFmpeg 8.0, which stemmed from the fact that the decoder frame did not check whether the decoder data went beyond the allocated buffer zone, which could result in spilling over the buffer zone.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

FFmpeg

Published

2025-10-06

Last Modified

2026-02-24

References

https://issuetracker.google.com/434637586 https://vigilance.fr/vulnerability/FFmpeg-buffer-overflow-via-SANM-process-frame-obj-initializes-49069

Patch

https://issuetracker.google.com/434637586