CVE-2014-8545
EPSS 1.0%Published: 11/5/2014Modified: 4/28/2026
Description
libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data.
Affected packages (1)
- Debian/ffmpegfrom 0, < 7:2.4.3-1