CVE-2020-13904

Published: 2020-06-07T19:15Z

Last Modified: 2024-11-21T05:02Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt