The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3521-1 advisory.

    - CVE-2021-3566: Fixed information leak (bsc#1189166).
    - CVE-2021-38093: Fixed integer overflow vulnerability in filter_robert() (bsc#1190734)
    - CVE-2021-38092: Fixed integer overflow vulnerability in filter_prewitt() (bsc#1190733)
    - CVE-2021-38094: Fixed integer overflow vulnerability in filter_sobel() (bsc#1190735)
    - CVE-2020-22037: Fixed denial of service vulnerability caused by memory leak in avcodec_alloc_context3()     (bsc#1186756)
    - CVE-2020-35965: Fixed out-of-bounds write in decode_frame() (bsc#1187852)
    - CVE-2020-20892: Fixed an issue with filter_frame() (bsc#1190719)
    - CVE-2020-20891: Fixed a buffer overflow vulnerability in config_input() (bsc#1190718)
    - CVE-2020-20895: Fixed a buffer overflow vulnerability in function filter_vertically_##name (bsc#1190722)
    - CVE-2020-20896: Fixed an issue with latm_write_packet() (bsc#1190723)
    - CVE-2020-20899: Fixed a buffer overflow vulnerability in config_props() (bsc#1190726)
    - CVE-2020-20902: Fixed an out-of-bounds read vulnerabilit long_term_filter() (bsc#1190729)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

openSUSE 15 Security Update : ffmpeg (openSUSE-SU-2021:3521-1)

high Nessus Plugin ID 154611

Version 1.4

Version 1.3

Version 1.4 Sep 23, 2025, 6:37 PM CVE (set "CVE" coverage to "CVE-2020-20891,CVE-2020-20892,CVE-2020-20896,CVE-2020-20902,CVE-2020-22037,CVE-2020-35965,CVE-2021-3566,CVE-2021-38092,CVE-2021-38093,CVE-2021-38094") Detection (updated detection logic) Plugin metadata Plugin Feed: 202509231837
Version 1.3 Nov 27, 2023, 1:55 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202311271355