Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code.

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5472-1 advisory.

    It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding (LPC) or     AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only     affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-20445, CVE-2020-20446,     CVE-2020-20453)

    It was discovered that FFmpeg incorrectly handled certain input. An attacker could possibly use this issue     to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-20450)

    It was discovered that FFmpeg incorrectly handled file conversion to APNG format. An attacker could     possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu     20.04 LTS. (CVE-2020-21041)

    It was discovered that FFmpeg incorrectly handled remuxing RTP-hint tracks. A remote attacker could     possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu     20.04 LTS. (CVE-2020-21688)

    It was discovered that FFmpeg incorrectly handled certain specially crafted AVI files. An attacker could     possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu     20.04 LTS. (CVE-2020-21697)

    It was discovered that FFmpeg incorrectly handled writing MOV video tags. An attacker could possibly use     this issue to cause a denial of service, obtain sensitive information or execute arbitrary code. This     issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-22015)

    It was discovered that FFmpeg incorrectly handled writing MOV files. An attacker could possibly use this     issue to cause a denial of service or other unspecified impact. This issue affected only Ubuntu 18.04 LTS.
    (CVE-2020-22016)

    It was discovered that FFmpeg incorrectly handled memory when using certain filters. An attacker could     possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected     Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22017, CVE-2020-22020, CVE-2020-22022, CVE-2020-22023,     CVE-2022-22025, CVE-2020-22026, CVE-2020-22028, CVE-2020-22031, CVE-2020-22032, CVE-2020-22034,     CVE-2020-22036, CVE-2020-22042)

    It was discovered that FFmpeg incorrectly handled memory when using certain filters. An attacker could     possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected     Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-22019, CVE-2020-22021, CVE-2020-22033)

    It was discovered that FFmpeg incorrectly handled memory when using certain filters. An attacker could     possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected     Ubuntu 21.10. (CVE-2020-22027, CVE-2020-22029, CVE-2020-22030, CVE-2020-22035)

    It was discovered that FFmpeg incorrectly handled certain specially crafted JPEG files. An attacker could     possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu     20.04 LTS and Ubuntu 21.10. (CVE-2020-22037)

    It was discovered that FFmpeg incorrectly performed calculations in EXR codec. An attacker could possibly     use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04     LTS. (CVE-2020-35965)

    It was discovered that FFmpeg did not verify return values of functions init_vlc and init_get_bits. An     attacker could possibly use this issue to cause a denial of service or other unspecified impact. This     issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-38114, CVE-2021-38171)

    It was discovered that FFmpeg incorrectly handled certain specially crafted files. An attacker could     possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10 and Ubuntu     22.04 LTS. (CVE-2022-1475)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4990 advisory.

  - FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious     user to cause a Denial of Service. (CVE-2020-20445)

  - FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious     user to cause a Denial of Service. (CVE-2020-20446)

  - FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious     user to cause a Denial of Service (CVE-2020-20453)

  - Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which     could let a remote malicious user cause a Denial of Service (CVE-2020-21041)

  - Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in     libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial     of Service, or execute arbitrary code. (CVE-2020-22015)

  - A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files,     which might lead to memory corruption and other potential consequences. (CVE-2020-22016)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in     libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22017)

  - Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which     could let a remote malicious user cause a Denial of Service. (CVE-2020-22019)

  - Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c,     which could let a remote malicious user cause a Denial of Service. (CVE-2020-22020)

  - Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which     could let a remote malicious user cause a Denial of Service. (CVE-2020-22021)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at     libavfilter/vf_fieldorder.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22022)

  - A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at     libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22023)

  - A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which     might lead to memory corruption and other potential consequences. (CVE-2020-22025)

  - Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at     libavfilter/af_tremolo.c, which could let a remote malicious user cause a Denial of Service.
    (CVE-2020-22026)

  - A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c,     which might lead to memory corruption and other potential consequences. (CVE-2020-22027)

  - Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c,     which could cause a remote Denial of Service. (CVE-2020-22028)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in     slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other     potential consequences. (CVE-2020-22029)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in     crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22030)

  - A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in     filter16_complex_low, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22031)

  - A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in     gaussian_blur, which might lead to memory corruption and other potential consequences. (CVE-2020-22032)

  - A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in     convolution_y_8bit, which could let a remote malicious user cause a Denial of Service. (CVE-2020-22033)

  - A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might     lead to memory corruption and other potential consequences. (CVE-2020-22034)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c,     which might lead to memory corruption and other potential consequences. (CVE-2020-22035)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c,     which might lead to memory corruption and other potential consequences. (CVE-2020-22036)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at     options.c. (CVE-2020-22037)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector     function in wtvdec.c. (CVE-2020-22049)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in     dict.c. (CVE-2020-22054)

  - decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in     calculations of when to perform memset zero operations. (CVE-2020-35965)

  - libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar     issue to CVE-2013-0868. (CVE-2021-38114)

  - adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return     value, which is a necessary step because the second argument to init_get_bits can be crafted.
    (CVE-2021-38171)

  - FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure     at src/libavutil/mathematics.c. (CVE-2021-38291)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2742 advisory.

  - Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which     could let a remote malicious user cause a Denial of Service (CVE-2020-21041)

  - Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in     libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial     of Service, or execute arbitrary code. (CVE-2020-22015)

  - A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files,     which might lead to memory corruption and other potential consequences. (CVE-2020-22016)

  - Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c,     which could let a remote malicious user cause a Denial of Service. (CVE-2020-22020)

  - Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which     could let a remote malicious user cause a Denial of Service. (CVE-2020-22021)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at     libavfilter/vf_fieldorder.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22022)

  - A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at     libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22023)

  - A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which     might lead to memory corruption and other potential consequences. (CVE-2020-22025)

  - Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at     libavfilter/af_tremolo.c, which could let a remote malicious user cause a Denial of Service.
    (CVE-2020-22026)

  - Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c,     which could cause a remote Denial of Service. (CVE-2020-22028)

  - A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in     filter16_complex_low, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22031)

  - A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in     gaussian_blur, which might lead to memory corruption and other potential consequences. (CVE-2020-22032)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c,     which might lead to memory corruption and other potential consequences. (CVE-2020-22036)

  - Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By     crafting a legitimate ffconcat file that references an image, followed by a file the triggers the tty     demuxer, the contents of the second file will be copied into the output file verbatim (as long as the     `-vcodec copy` option is passed to ffmpeg). (CVE-2021-3566)

  - libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar     issue to CVE-2013-0868. (CVE-2021-38114)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2322-1 advisory.

  - In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly     unspecified other impact when there is no valid close function pointer. (CVE-2019-17539)

  - FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because     parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in     av_probe_input_format3 in libavformat/format.c. (CVE-2020-13904)

  - FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/ratecontrol.c, which allows a remote     malicious user to cause a Denial of Service. (CVE-2020-20448)

  - Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.
    (CVE-2020-20451)

  - Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which     could let a remote malicious user cause a Denial of Service (CVE-2020-21041)

  - Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in     libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial     of Service, or execute arbitrary code. (CVE-2020-22015)

  - A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files,     which might lead to memory corruption and other potential consequences. (CVE-2020-22016)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in     libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22017)

  - Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which     could let a remote malicious user cause a Denial of Service. (CVE-2020-22019)

  - Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c,     which could let a remote malicious user cause a Denial of Service. (CVE-2020-22020)

  - Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which     could let a remote malicious user cause a Denial of Service. (CVE-2020-22021)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at     libavfilter/vf_fieldorder.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22022)

  - A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at     libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22023)

  - A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which     might lead to memory corruption and other potential consequences. (CVE-2020-22025)

  - Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at     libavfilter/af_tremolo.c, which could let a remote malicious user cause a Denial of Service.
    (CVE-2020-22026)

  - A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in     filter16_complex_low, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22031)

  - A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in     gaussian_blur, which might lead to memory corruption and other potential consequences. (CVE-2020-22032)

  - A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in     convolution_y_8bit, which could let a remote malicious user cause a Denial of Service. (CVE-2020-22033)

  - A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might     lead to memory corruption and other potential consequences. (CVE-2020-22034)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the     ff_v4l2_m2m_create_context function in v4l2_m2m.c. (CVE-2020-22038)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the inavi_add_ientry     function. (CVE-2020-22039)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifo_alloc_common     function in libavutil/fifo.c. (CVE-2020-22043)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the     url_open_dyn_buf_internal function in libavformat/aviobuf.c. (CVE-2020-22044)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2322-1 advisory.

  - In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly     unspecified other impact when there is no valid close function pointer. (CVE-2019-17539)

  - FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because     parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in     av_probe_input_format3 in libavformat/format.c. (CVE-2020-13904)

  - FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/ratecontrol.c, which allows a remote     malicious user to cause a Denial of Service. (CVE-2020-20448)

  - Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.
    (CVE-2020-20451)

  - Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which     could let a remote malicious user cause a Denial of Service (CVE-2020-21041)

  - Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in     libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial     of Service, or execute arbitrary code. (CVE-2020-22015)

  - A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files,     which might lead to memory corruption and other potential consequences. (CVE-2020-22016)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in     libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22017)

  - Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which     could let a remote malicious user cause a Denial of Service. (CVE-2020-22019)

  - Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c,     which could let a remote malicious user cause a Denial of Service. (CVE-2020-22020)

  - Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which     could let a remote malicious user cause a Denial of Service. (CVE-2020-22021)

  - A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at     libavfilter/vf_fieldorder.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22022)

  - A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at     libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22023)

  - A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which     might lead to memory corruption and other potential consequences. (CVE-2020-22025)

  - Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at     libavfilter/af_tremolo.c, which could let a remote malicious user cause a Denial of Service.
    (CVE-2020-22026)

  - A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in     filter16_complex_low, which might lead to memory corruption and other potential consequences.
    (CVE-2020-22031)

  - A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in     gaussian_blur, which might lead to memory corruption and other potential consequences. (CVE-2020-22032)

  - A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in     convolution_y_8bit, which could let a remote malicious user cause a Denial of Service. (CVE-2020-22033)

  - A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might     lead to memory corruption and other potential consequences. (CVE-2020-22034)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the     ff_v4l2_m2m_create_context function in v4l2_m2m.c. (CVE-2020-22038)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the inavi_add_ientry     function. (CVE-2020-22039)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifo_alloc_common     function in libavutil/fifo.c. (CVE-2020-22043)

  - A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the     url_open_dyn_buf_internal function in libavformat/aviobuf.c. (CVE-2020-22044)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
161986	Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : FFmpeg vulnerabilities (USN-5472-1)	Nessus	Ubuntu Local Security Checks	critical
154263	Debian DSA-4990-1 : ffmpeg - security update	Nessus	Debian Local Security Checks	critical
152737	Debian DLA-2742-1 : ffmpeg - LTS security update	Nessus	Debian Local Security Checks	high
151738	openSUSE 15 Security Update : ffmpeg (openSUSE-SU-2021:2322-1)	Nessus	SuSE Local Security Checks	critical
151651	SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2021:2322-1)	Nessus	SuSE Local Security Checks	critical

Detections

Analytics

CVE-2020-22015

high

Tenable Plugins

critical

critical

high

critical

critical