[create-pull-request] automated change (#177)

Co-authored-by: mbauman <[email protected]>
Co-authored-by: Matt Bauman <[email protected]>

Author: jlsec-bot

advisories/published/2025/JLSEC-0000-mns4hxrfz-1ed562i.md

@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrfz-1ed562i"
+modified = 2025-10-18T14:07:17.039Z
+upstream = ["CVE-2019-1000016"]
+references = ["https://github.com/FFmpeg/FFmpeg/commit/b97a4b658814b2de8b9f2a3bce491c002d34de31#diff-cd7e24986650014d67f484f3ffceef3f", "https://github.com/FFmpeg/FFmpeg/commit/b97a4b658814b2de8b9f2a3bce491c002d34de31#diff-cd7e24986650014d67f484f3ffceef3f"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = ["< 4.3.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-1000016"
+imported = 2025-10-18T14:07:17.039Z
+modified = 2024-11-21T04:17:41.023Z
+published = 2019-02-04T21:29:01.283Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-1000016"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-1000016"
+```
+
+# FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcode...
+
+FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be provided as input. This vulnerability appears to have been fixed in after commit b97a4b658814b2de8b9f2a3bce491c002d34de31.
+

advisories/published/2025/JLSEC-0000-mns4hxrg2-rlr0m0.md

@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrg2-rlr0m0"
+modified = 2025-10-18T14:07:17.042Z
+upstream = ["CVE-2019-9718"]
+references = ["http://www.securityfocus.com/bid/107382", "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982", "https://github.com/FFmpeg/FFmpeg/commit/23ccf3cabb4baf6e8af4b1af3fcc59c904736f21", "https://seclists.org/bugtraq/2019/May/60", "https://usn.ubuntu.com/3967-1/", "https://www.debian.org/security/2019/dsa-4449", "http://www.securityfocus.com/bid/107382", "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982", "https://github.com/FFmpeg/FFmpeg/commit/23ccf3cabb4baf6e8af4b1af3fcc59c904736f21", "https://seclists.org/bugtraq/2019/May/60", "https://usn.ubuntu.com/3967-1/", "https://www.debian.org/security/2019/dsa-4449"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = ["< 4.3.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-9718"
+imported = 2025-10-18T14:07:17.042Z
+modified = 2024-11-21T04:52:10.140Z
+published = 2019-03-12T09:29:00.530Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-9718"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-9718"
+```
+
+# In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU v...
+
+In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
+

advisories/published/2025/JLSEC-0000-mns4hxrg4-14nb37q.md

@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrg4-14nb37q"
+modified = 2025-10-18T14:07:17.044Z
+upstream = ["CVE-2019-9721"]
+references = ["http://www.securityfocus.com/bid/107384", "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65", "https://github.com/FFmpeg/FFmpeg/commit/273f2755ce8635d42da3cde0eeba15b2e7842774", "https://usn.ubuntu.com/3967-1/", "http://www.securityfocus.com/bid/107384", "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65", "https://github.com/FFmpeg/FFmpeg/commit/273f2755ce8635d42da3cde0eeba15b2e7842774", "https://usn.ubuntu.com/3967-1/"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = ["< 4.3.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-9721"
+imported = 2025-10-18T14:07:17.044Z
+modified = 2024-11-21T04:52:10.573Z
+published = 2019-03-12T09:29:00.577Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-9721"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-9721"
+```
+
+# A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU vi...
+
+A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
+

advisories/published/2025/JLSEC-0000-mns4hxrg7-1c389b9.md

@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrg7-1c389b9"
+modified = 2025-10-18T14:07:17.047Z
+upstream = ["CVE-2019-11339"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html", "http://www.securityfocus.com/bid/108037", "https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb", "https://github.com/FFmpeg/FFmpeg/commit/d227ed5d598340e719eff7156b1aa0a4469e9a6a", "https://usn.ubuntu.com/3967-1/", "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html", "http://www.securityfocus.com/bid/108037", "https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb", "https://github.com/FFmpeg/FFmpeg/commit/d227ed5d598340e719eff7156b1aa0a4469e9a6a", "https://usn.ubuntu.com/3967-1/"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = ["< 4.3.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-11339"
+imported = 2025-10-18T14:07:17.047Z
+modified = 2024-11-21T04:20:54.743Z
+published = 2019-04-19T00:29:00.293Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-11339"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-11339"
+```
+
+# The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4...
+
+The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
+

advisories/published/2025/JLSEC-0000-mns4hxrgb-11tewt3.md

@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrgb-11tewt3"
+modified = 2025-10-18T14:07:17.051Z
+upstream = ["CVE-2019-15942"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html", "https://security.gentoo.org/glsa/202007-58", "https://trac.ffmpeg.org/ticket/8093", "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html", "https://security.gentoo.org/glsa/202007-58", "https://trac.ffmpeg.org/ticket/8093"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = ["< 4.3.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-15942"
+imported = 2025-10-18T14:07:17.051Z
+modified = 2024-11-21T04:29:47.143Z
+published = 2019-09-05T16:15:12.027Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-15942"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-15942"
+```
+
+# FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_pa...
+
+FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.
+

advisories/published/2025/JLSEC-0000-mns4hxrgd-1g4l4tu.md

@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrgd-1g4l4tu"
+modified = 2025-10-18T14:07:17.053Z
+upstream = ["CVE-2019-17539"]
+references = ["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15733", "https://github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670c", "https://lists.debian.org/debian-lts-announce/2021/01/msg00026.html", "https://security.gentoo.org/glsa/202003-65", "https://usn.ubuntu.com/4431-1/", "https://www.debian.org/security/2020/dsa-4722", "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15733", "https://github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670c", "https://lists.debian.org/debian-lts-announce/2021/01/msg00026.html", "https://security.gentoo.org/glsa/202003-65", "https://usn.ubuntu.com/4431-1/", "https://www.debian.org/security/2020/dsa-4722"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = ["< 4.3.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-17539"
+imported = 2025-10-18T14:07:17.053Z
+modified = 2024-11-21T04:32:28.873Z
+published = 2019-10-14T02:15:10.513Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-17539"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-17539"
+```
+
+# In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and poss...
+
+In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
+

advisories/published/2025/JLSEC-0000-mns4hxrgh-1ay9m4u.md

@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrgh-1ay9m4u"
+modified = 2025-10-18T14:07:17.057Z
+upstream = ["CVE-2019-17542"]
+references = ["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15919", "https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2", "https://lists.debian.org/debian-lts-announce/2019/12/msg00003.html", "https://lists.debian.org/debian-lts-announce/2020/07/msg00022.html", "https://security.gentoo.org/glsa/202003-65", "https://usn.ubuntu.com/4431-1/", "https://www.debian.org/security/2020/dsa-4722", "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15919", "https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2", "https://lists.debian.org/debian-lts-announce/2019/12/msg00003.html", "https://lists.debian.org/debian-lts-announce/2020/07/msg00022.html", "https://security.gentoo.org/glsa/202003-65", "https://usn.ubuntu.com/4431-1/", "https://www.debian.org/security/2020/dsa-4722"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = ["< 4.3.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-17542"
+imported = 2025-10-18T14:07:17.057Z
+modified = 2024-11-21T04:32:29.313Z
+published = 2019-10-14T02:15:10.780Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-17542"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-17542"
+```
+
+# FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array ac...
+
+FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
+

advisories/published/2025/JLSEC-0000-mns4hxrgm-15d5aox.md

@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrgm-15d5aox"
+modified = 2025-10-18T14:07:17.062Z
+upstream = ["CVE-2020-12284"]
+references = ["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19734", "https://github.com/FFmpeg/FFmpeg/commit/1812352d767ccf5431aa440123e2e260a4db2726", "https://github.com/FFmpeg/FFmpeg/commit/a3a3730b5456ca00587455004d40c047f7b20a99", "https://security.gentoo.org/glsa/202007-58", "https://usn.ubuntu.com/4431-1/", "https://www.debian.org/security/2020/dsa-4722", "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19734", "https://github.com/FFmpeg/FFmpeg/commit/1812352d767ccf5431aa440123e2e260a4db2726", "https://github.com/FFmpeg/FFmpeg/commit/a3a3730b5456ca00587455004d40c047f7b20a99", "https://security.gentoo.org/glsa/202007-58", "https://usn.ubuntu.com/4431-1/", "https://www.debian.org/security/2020/dsa-4722"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = ["< 4.3.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2020-12284"
+imported = 2025-10-18T14:07:17.062Z
+modified = 2024-11-21T04:59:26.903Z
+published = 2020-04-28T06:15:10.777Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-12284"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-12284"
+```
+
+# cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer ove...
+
+cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.
+

advisories/published/2025/JLSEC-0000-mns4hxrgo-178047n.md

@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrgo-178047n"
+modified = 2025-10-18T14:07:17.064Z
+upstream = ["CVE-2020-14212"]
+references = ["https://patchwork.ffmpeg.org/project/ffmpeg/list/?series=1463", "https://security.gentoo.org/glsa/202007-58", "https://trac.ffmpeg.org/ticket/8716", "https://patchwork.ffmpeg.org/project/ffmpeg/list/?series=1463", "https://security.gentoo.org/glsa/202007-58", "https://trac.ffmpeg.org/ticket/8716"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = [">= 4.3.1+0, < 4.3.1+2"]
+
+[[jlsec_sources]]
+id = "CVE-2020-14212"
+imported = 2025-10-18T14:07:17.064Z
+modified = 2024-11-21T05:02:52.750Z
+published = 2020-06-16T22:15:10.443Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-14212"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-14212"
+```
+
+# FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because...
+
+FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted.
+

advisories/published/2025/JLSEC-0000-mns4hxrgp-1be807n.md

@@ -0,0 +1,27 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns4hxrgp-1be807n"
+modified = 2025-10-18T14:07:17.065Z
+upstream = ["CVE-2020-35964"]
+references = ["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26622", "https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7", "https://security.gentoo.org/glsa/202105-24", "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26622", "https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7", "https://security.gentoo.org/glsa/202105-24"]
+
+[[affected]]
+pkg = "FFMPEG_jll"
+ranges = [">= 4.3.1+2, < 4.4.0+0"]
+[[affected]]
+pkg = "FFplay_jll"
+ranges = ["< 4.4.4+0"]
+
+[[jlsec_sources]]
+id = "CVE-2020-35964"
+imported = 2025-10-18T14:07:17.065Z
+modified = 2024-11-21T05:28:36.243Z
+published = 2021-01-03T19:15:11.720Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-35964"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-35964"
+```
+
+# track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrec...
+
+track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing.
+