FFmpeg NULL Pointer Dereference Vulnerability in MOV Format Handling

Vulnerability

A NULL pointer dereference vulnerability has been identified in FFmpeg git master versions prior to the commit c08d30. The issue arises in the MOV format handling component of the libavformat library.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, which can cause a crash or undefined behavior in the application.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FFmpeg NULL Pointer Dereference Vulnerability in MOV Format Handling

Vulnerability

Impact

Affected Products

FFmpeg

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating