{"id":"CVE-2018-13305","details":"In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service.","modified":"2026-03-14T09:27:55.147296Z","published":"2018-07-05T17:29:00.610Z","related":["SUSE-SU-2018:3609-1","openSUSE-SU-2020:0024-1","openSUSE-SU-2024:10754-1"],"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html"},{"type":"FIX","url":"https://github.com/FFmpeg/FFmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ffmpeg/ffmpeg","events":[{"introduced":"0"},{"last_affected":"e049f7c24fc6aa5fc925f860e2ad940a75cfd84f"},{"fixed":"d08d4a8c7387e758d439b0592782e4cfa2b4d6a4"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.0.1"}]}}],"versions":["N","n0.11-dev","n0.12-dev","n0.8","n1.1-dev","n1.2-dev","n1.3-dev","n2.0","n2.1-dev","n2.2-dev","n2.3-dev","n2.4-dev","n2.5-dev","n2.6-dev","n2.7-dev","n2.8-dev","n2.9-dev","n3.1-dev","n3.2-dev","n3.3-dev","n3.4-dev","n3.5-dev","n4.0","n4.0.1"],"database_specific":{"vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["315308842985963567160504347824073081058","112614877628104946103637232229328740279","51526975697305092278210617899140764129","61832793806366803356970899084193080255"]},"id":"CVE-2018-13305-51b88888","signature_version":"v1","target":{"file":"libavcodec/vc1_block.c"},"deprecated":false,"signature_type":"Line","source":"https://github.com/ffmpeg/ffmpeg/commit/d08d4a8c7387e758d439b0592782e4cfa2b4d6a4"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-13305.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}]}