Vulnerability - CVE-2025-9951

Name

CVE-2025-9951

Source

NVD ( link)Debian ( link)

Description

A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition cdef atom of JPEG2000.

CWEs

CWE-122

Published Date

Sep 9, 2025

Updated Date

Jun 17, 2026

Workaround

Advisories

Analysis#

Affected Component

Analysis

ffmpeg

Not Affected

Vulnerability Ratings#

7.2

CVSSv4

NaN

other

Others affected components#

Name

Project

Project Version

Version

Status

ffmpeg

buildroot

2025.02.x

6.1.5

Not Affected

ffmpeg

buildroot

master

6.1.5

Not Affected

ffmpeg

openwrt

master

6.1.4-r2

Not Affected

ffmpeg

openwrt

openwrt-25.12

6.1.4-r1

Not Affected

ffmpeg

yocto

kirkstone

5.0.3

Not Affected

ffmpeg

yocto

scarthgap

6.1.4

Not Affected