CVE-2025-0518 — Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read S... | CVE Daily

Medium CVSS 5.3

Overview

Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C .

This issue affects FFmpeg: 7.1.

Issue was fixed: https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a

https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a This issue was discovered by: Simcha Kosman

CWE: CWE-125 Published: 2025-01-16T17:15:12.577

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.3 (MEDIUM)
Detected tags: oob_read (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Recommended tools

Tags

Out-of-Bounds Read