CVE-2025-1594

ADVISORY - nist

Summary

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

EPSS Score: 0.00534 (0.412)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Improper Restriction of Operations within the Bounds of a Memory Buffer

Stack-based Buffer Overflow

Out-of-bounds Write


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in