[False positive?] ffmpeg on Debian with installed freepbx

I think there are following false positives on Debian with installed FreePBX 17.

Details: Debian: Security Advisory (DSA-5748-1) OID: 1.3.6.1.4.1.25623.1.1.1.1.2024.5748
Vulnerable package: ffmpeg
Installed version: 5.1.6-12.sng12
Fixed version: >=7:5.1.6-0+deb12u1

Details: Debian: Security Advisory (DSA-5552-1) OID: 1.3.6.1.4.1.25623.1.1.1.1.2023.5552
Vulnerable package: ffmpeg
Installed version: 5.1.6-12.sng12
Fixed version: >=7:5.1.4-0+deb12u1

Details: Debian: Security Advisory (DSA-5712-1) OID: 1.3.6.1.4.1.25623.1.1.1.1.2024.5712
Vulnerable package: ffmpeg
Installed version: 5.1.6-12.sng12
Fixed version: >=7:5.1.5-0+deb12u1

Hello and welcome to this community forums.

The comparison of packages are actually done by the notus-scanner and not on VT / NASL side so i have asked the moderator team to move this into a better fitting category.

About the problem itself: AFAICT the notus-scanner only supports the comparison from package versions of the “official” Linux distribution (e.g. Debian in this case).

You can still report an issue over at Issues · greenbone/notus-scanner · GitHub to see if the team responsible for the notus-scanner can do something about this.