Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-6601

Опубликовано: 06 янв. 2025
Источник: debian
EPSS Низкий

Описание

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ffmpegfixed7:7.1.1-1package

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=2253172

  • Fixed by: https://github.com/FFmpeg/FFmpeg/commit/91d96dc8ddaebe0b6cb393f672085e6bfaf15a31 (master)

  • Fixed by: https://github.com/FFmpeg/FFmpeg/commit/b753bac08f6881b2d3dea8f1ab84c81550f35897 (n7.1.1)

  • Fixed by: https://github.com/FFmpeg/FFmpeg/commit/9803800e0e8cd8e1e7695f77cfbf4e0db0abfe57 (n5.1.7)

EPSS

Процентиль: 37%
0.00158
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2023-6601

CVSS3: 4.7
ubuntu
около 1 года назад

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions.

nvd логотип

CVE-2023-6601

CVSS3: 4.7
nvd
около 1 года назад

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions.

github логотип

GHSA-wj7r-cv36-mxr3

CVSS3: 4.7
github
около 1 года назад

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions.

suse-cvrf логотип

SUSE-SU-2026:0229-1

suse-cvrf
16 дней назад

Security update for ffmpeg-4

suse-cvrf логотип

SUSE-SU-2026:0198-1

suse-cvrf
17 дней назад

Security update for ffmpeg-4

EPSS

Процентиль: 37%
0.00158
Низкий