Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
Vulnerability DatabaseCVE-2025-22921
CVE-2025-22921:
Ffmpeg vulnerability analysis and mitigation
Overview
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation vulnerability in the component /libavcodec/jpeg2000dec.c. The vulnerability was identified in January 2025 and affects multiple versions of FFmpeg, including version 7.1.1 (FFmpeg Ticket, NVD).
Technical details
The vulnerability manifests as a segmentation fault (SEGV) in the jpeg2000decodepacket function within libavcodec/jpeg2000dec.c at line 1491. The issue occurs during JPEG2000 decoding operations and involves a read memory access to a null address, as indicated by AddressSanitizer logs. The bug is reproducible in FFmpeg version 7.1.1 but not present in version 6.1.2 (FFmpeg Ticket).
Impact
The vulnerability can lead to a segmentation violation when processing certain JPEG2000 content, potentially causing application crashes and denial of service conditions (Debian Tracker).
Mitigation and workarounds
The vulnerability has been fixed in FFmpeg through commit 7f9c7f9849a2155224711f0ff57ecdac6e4bfb57. Users are advised to upgrade to patched versions. For Debian bullseye, the fix is available in version 7:4.3.8-0+deb11u3 (Debian Tracker).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
Ready to see Wiz in action?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management