FFmpeg NULL ptr deref via libavformat/mov.c
CVE-2025-25471 Published on February 18, 2025

FFmpeg git master before commit fd1772 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

LOW

Availability Impact:

NONE

Weakness Type

NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.

Products Associated with CVE-2025-25471

Want to know whenever a new CVE is published for FFmpeg? stack.watch will email you.

FFmpeg

Exploit Probability

EPSS

0.19%

Percentile

40.34%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

FFmpeg NULL ptr deref via libavformat/mov.cCVE-2025-25471 Published on February 18, 2025

Vulnerability Analysis

Weakness Type

NULL Pointer Dereference

Products Associated with CVE-2025-25471

Exploit Probability

FFmpeg NULL ptr deref via libavformat/mov.c
CVE-2025-25471 Published on February 18, 2025