« List of all CVEs

CVE-2017-16840

Published: 11/21/2017 Last updated: 8/5/2024 Reserved: 11/15/2017

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (3)

conf-ffmpeg ffmpeg opus

Products affected (1)

Product Vendor Version
n/a n/a < 10.0.26100.2605

References (8)