Explore top 10 tips to secure your open-source projects now. Read More
×
CVE-2017-9993
Libav does not properly restrict HTTP Live Streaming filename
extensions and demuxer names, which allows attackers to read
arbitrary files via crafted playlist data.
CVE-2017-9994
libavcodec/webp.c in Libav does not ensure that pix_fmt is set,
which allows remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted file, related to the
vp8_decode_mb_row_no_filter and pred8x8_128_dc_8_c functions.
CVE-2017-14055
Denial-of-service in mv_read_header() due to lack of an EOF (End of
File) check might cause huge CPU and memory consumption.
CVE-2017-14056
Denial-of-service in rl2_read_header() due to lack of an EOF
(End of File) check might cause huge CPU and memory consumption.
CVE-2017-14057
Denial-of-service in asf_read_marker() due to lack of an EOF
(End of File) check might cause huge CPU and memory consumption.
CVE-2017-14170
Get the latest Linux and open source security news straight to your inbox.