GHSA-qff7-4q6c-m8h6HighCVSS 8.8

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV...

Published
June 18, 2026
Last Modified
June 18, 2026

🔗 CVE IDs covered (1)

📋 Description

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution.

This vulnerability is associated with the file libavcodec/magicyuv.C.

This issue affects FFmpeg before version 8.1.2.

🔗 References (3)