Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to memcpy without length checks, which could let a remote malicious user execute arbitrary code.
References
| Link | Resource |
|---|---|
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=584f396132aa19d21bb1e38ad9a5d428869290cb | |
| https://trac.ffmpeg.org/ticket/8718 | Issue Tracking Vendor Advisory |
Configurations
History
07 Nov 2023, 03:19
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
28 May 2021, 19:37
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:ffmpeg:ffmpeg:4.2.3:*:*:*:*:*:*:* | |
| CWE | CWE-120 | |
| CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
| References | (MISC) http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=584f396132aa19d21bb1e38ad9a5d428869290cb - Patch, Third Party Advisory | |
| References | (MISC) https://trac.ffmpeg.org/ticket/8718 - Issue Tracking, Vendor Advisory |
26 May 2021, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-05-26 15:15
Updated : 2023-12-10 13:55
NVD link : CVE-2020-24020
Mitre link : CVE-2020-24020
CVE.ORG link : CVE-2020-24020
JSON object : View
Products Affected
ffmpeg
- ffmpeg
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')