Описание
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions.
Уязвимые конфигурации
Конфигурация 1Версия от 2.0 (включая) до 6.0 (включая)
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00164
Низкий
4.7 Medium
CVSS3
Дефекты
CWE-99
CWE-94
Связанные уязвимости
CVSS3: 4.7
ubuntu
около 1 года назад
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions.
CVSS3: 4.7
debian
около 1 года назад
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows by ...
CVSS3: 4.7
github
около 1 года назад
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions.
EPSS
Процентиль: 38%
0.00164
Низкий
4.7 Medium
CVSS3
Дефекты
CWE-99
CWE-94