FFmpeg before 4.2 has a heap-based buffer overflow in vqadecodechunk because of an out-of-array access in vqadecodeinit in libavcodec/vqavideo.c.
[
{
"id": "CVE-2019-17542-89be5de9",
"signature_version": "v1",
"digest": {
"function_hash": "319021067119698628255415066517927384702",
"length": 3260.0
},
"deprecated": false,
"source": "https://github.com/ffmpeg/ffmpeg/commit/4521700f295f35da4768f88b570e0836a858ce7b",
"signature_type": "Function",
"target": {
"file": "libavformat/hlsenc.c",
"function": "hls_write_trailer"
}
},
{
"id": "CVE-2019-17542-def83151",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"111757355275855299767214097555503833425",
"332776709410158749058424084520384076278",
"126244308190247979754930455471757737376",
"94499542832375321740817633492542024465",
"130172128018366235132297832589555939800",
"55536100370799741404976270153852322799",
"178437194551693198799431818210633522790",
"212929257175167450126831190360563960264",
"62370169604886578115909868256949237475",
"129049294233240527051413687895358407876",
"286287738882113096420417966736547438098",
"243635147339143298832966112516759698288",
"272776886790752221810033028800273149150",
"9747124137513848496923527654951202606",
"301927968725738236165575381671008622991",
"192183203489963350993466951267713113650",
"122011600157872378775713225314617790943",
"25213801080174912976460312183375057971",
"74233774275043259138930394312098586340",
"241426111203459057517320451984683680334",
"255987871053178237141709543074309270079",
"273577814075419466154781616910945826301"
]
},
"deprecated": false,
"source": "https://github.com/ffmpeg/ffmpeg/commit/4521700f295f35da4768f88b570e0836a858ce7b",
"signature_type": "Line",
"target": {
"file": "libavformat/hlsenc.c"
}
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-17542.json"