CVE-2022-3341
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-3341
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3341.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-3341
- Downstream
- Related
- Published
- 2023-01-12T15:15:10Z
- Modified
- 2025-10-31T04:18:18.348761Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
A null pointer dereference issue was discovered in 'FFmpeg' in decodemainheader() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformatnewstream() and triggers the null pointer dereference error, causing an application to crash.
- References
Affected packages
Git / git.ffmpeg.org/ffmpeg.git
Affected ranges
- Type
- GIT
- Repo
- https://git.ffmpeg.org/ffmpeg.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
N
n0.*
n0.11-dev
n0.12-dev
n0.8
n1.*
n1.1-dev
n1.2-dev
n1.3-dev
n2.*
n2.0
n2.1-dev
n2.2-dev
n2.3-dev
n2.4-dev
n2.5-dev
n2.6-dev
n2.7-dev
n2.8-dev
n2.9-dev
n3.*
n3.1-dev
n3.2-dev
n3.3-dev
n3.4-dev
n3.5-dev
n4.*
n4.1-dev
n4.2-dev
n4.3-dev
n4.4-dev
n4.5-dev
n5.*
n5.0
n5.0.1
n5.0.2
Git / github.com/ffmpeg/ffmpeg
Affected ranges
- Type
- GIT
- Repo
- https://github.com/ffmpeg/ffmpeg
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
N
n0.*
n0.11-dev
n0.12-dev
n0.8
n1.*
n1.1-dev
n1.2-dev
n1.3-dev
n2.*
n2.0
n2.1-dev
n2.2-dev
n2.3-dev
n2.4-dev
n2.5-dev
n2.6-dev
n2.7-dev
n2.8-dev
n2.9-dev
n3.*
n3.1-dev
n3.2-dev
n3.3-dev
n3.4-dev
n3.5-dev
n4.*
n4.1-dev
n4.2-dev
n4.3-dev
n4.4-dev
n4.5-dev
n5.*
n5.1-dev
Database specific
vanir_signatures
[
{
"source": "https://github.com/ffmpeg/ffmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e",
"id": "CVE-2022-3341-7bd7d9b3",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "nut_read_header",
"file": "libavformat/nutdec.c"
},
"digest": {
"length": 1304.0,
"function_hash": "212714700687714782806110927416798275156"
},
"signature_type": "Function"
},
{
"source": "https://github.com/ffmpeg/ffmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e",
"id": "CVE-2022-3341-80733c23",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "libavformat/nutdec.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"12906491528301950330056808785355663414",
"76424333453171500676199213834035246984",
"203494022266310686971057352550723705016",
"13052012182376853825858264053725079068",
"131228061223871305456284901214847639250",
"333372060833506373861945745183155683304",
"60434264573278572591382653163519097041",
"68123171997916593828225792216335267989",
"305721504112645504358781934941290050116",
"227041948220225308580425041563422634931",
"288431581750765352076620402669156110371",
"317019860032823344116413789327366253880",
"138144405539726247412790470779925534392",
"176278491276011713736716859563389188667",
"190890976758392512353778965706686771850",
"110797133720430837899212760794560089640",
"205461340203508466923070600963970238796",
"43296001175390136536001579821771425024"
]
},
"signature_type": "Line"
},
{
"source": "https://github.com/ffmpeg/ffmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e",
"id": "CVE-2022-3341-ae77536c",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "decode_main_header",
"file": "libavformat/nutdec.c"
},
"digest": {
"length": 4733.0,
"function_hash": "161495002188957486527608985501524411437"
},
"signature_type": "Function"
}
]