CVE-2019-11338 (ffmpeg)

libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.
Source: NIST
CVE-2019-11338 (ffmpeg)