{"id":"CVE-2017-9051","details":"libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.","modified":"2026-04-11T04:59:54.770295Z","published":"2017-05-18T06:29:00.527Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/98548"},{"type":"REPORT","url":"https://bugzilla.libav.org/show_bug.cgi?id=1039"},{"type":"FIX","url":"https://github.com/libav/libav/commit/fe6eea99efac66839052af547426518efd970b24"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libav/libav","events":[{"introduced":"0"},{"last_affected":"11cd727fbd603197cb1e49654fce3352d56f8fd8"},{"fixed":"fe6eea99efac66839052af547426518efd970b24"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"12.0"}]}}],"versions":["dev14.2","v0.7","v0.7b1","v0.7b2","v0.7rc1","v0.8","v0.8b1","v0.8b2","v10_alpha1","v10_alpha2","v10_beta1","v11_alpha1","v11_alpha2","v11_beta1","v11_dev0","v12_dev0","v13_dev0","v9","v9_beta1","v9_beta2","v9_beta3"],"database_specific":{"vanir_signatures":[{"digest":{"line_hashes":["274891497231171138543145085514920405842","257059334401867175743933481090355076324","185640076773230492216392322192044453356","210251531421404829396963971962586864631","179766589153650962709468494311982724419","278422474398251953008507443867709135024","99913104313183011691992177035276351582","43917120757807394929185041716466474888","250283385843625211767861897113135444583","43800071153905982713260094322546541886","123253932972665746989115958699815184641","291767047652134290075725572025369611011"],"threshold":0.9},"signature_type":"Line","signature_version":"v1","source":"https://github.com/libav/libav/commit/fe6eea99efac66839052af547426518efd970b24","target":{"file":"libavformat/nsvdec.c"},"deprecated":false,"id":"CVE-2017-9051-1e586f1c"},{"digest":{"length":3684,"function_hash":"131262218544824003360077917658789245651"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/libav/libav/commit/fe6eea99efac66839052af547426518efd970b24","target":{"file":"libavformat/nsvdec.c","function":"nsv_read_chunk"},"deprecated":false,"id":"CVE-2017-9051-8d9f97f1"}],"vanir_signatures_modified":"2026-04-11T04:59:54Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9051.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}