DirectorySecurity AdvisoriesPricing
/
Sign in
Security Advisories

CVE-2025-1594

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-1594

Severity

8.8

High

CVSS V3

Description

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2025-1594
  • https://github.com/advisories/GHSA-37pp-xmcw-vg4w
  • https://ffmpeg.org/
  • https://trac.ffmpeg.org/ticket/11418#comment:3
  • https://vuldb.com/?ctiid.296589
  • https://vuldb.com/?id.296589
  • https://vuldb.com/?submit.496929
  • https://trac.ffmpeg.org/attachment/ticket/11418/poc

Affected packages

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal