{"id":"CVE-2021-3566","details":"Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate \"ffconcat\" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg).","modified":"2026-03-14T11:01:27.194664Z","published":"2021-08-05T21:15:12.783Z","related":["SUSE-SU-2021:3521-1","SUSE-SU-2023:0005-1","openSUSE-SU-2021:3521-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html"},{"type":"FIX","url":"https://github.com/FFmpeg/FFmpeg/commit/3bce9e9b3ea35c54bacccc793d7da99ea5157532#diff-74f6b92a0541378ad15de9c29c0a2b0c69881ad9ffc71abe568b88b535e00a7f"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ffmpeg/ffmpeg","events":[{"introduced":"0"},{"fixed":"80bb65fafab1d2f5f58a8453c6334c784ee27c08"},{"fixed":"3bce9e9b3ea35c54bacccc793d7da99ea5157532"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.3"}]}}],"versions":["N","n0.11-dev","n0.12-dev","n0.8","n1.1-dev","n1.2-dev","n1.3-dev","n2.0","n2.1-dev","n2.2-dev","n2.3-dev","n2.4-dev","n2.5-dev","n2.6-dev","n2.7-dev","n2.8-dev","n2.9-dev","n3.1-dev","n3.2-dev","n3.3-dev","n3.4-dev","n3.5-dev","n4.1-dev","n4.2-dev"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"vanir_signatures":[{"source":"https://github.com/ffmpeg/ffmpeg/commit/3bce9e9b3ea35c54bacccc793d7da99ea5157532","deprecated":false,"digest":{"line_hashes":["87847563956555810086109357068916520368","179033659746351296284011130959867098470","29912285464798826292798173282494127710","149942135119221602751422759954712516314","122614738720108430322534464033586885784","264754942809671600674997705643627881480","46529893056919444838326796542476614873","232657199141909422124284627650612937300","176347224354873379396459371193661897034","324250718937501476783835246937268406065","230021871174800559649899559161600728586","71857368728975087535349751898191175066"],"threshold":0.9},"signature_type":"Line","id":"CVE-2021-3566-b3a97196","target":{"file":"libavformat/tty.c"},"signature_version":"v1"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3566.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}]}