Vulnerabilities > Ffmpeg > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-23 | CVE-2016-6881 | Resource Management Errors vulnerability in Ffmpeg The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file. | 5.5 |
| 2016-02-03 | CVE-2016-2213 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service (out-of-bounds array read access) via crafted JPEG 2000 data. | 6.5 |
| 2016-01-15 | CVE-2016-1898 | Information Exposure vulnerability in multiple products FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file. | 5.5 |
| 2016-01-15 | CVE-2016-1897 | Information Exposure vulnerability in multiple products FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file. | 5.5 |