Security Advisory

CVE-2023-39018

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-28 00:00:00

Last updated 2024-11-27 14:27:45

Assigner mitre

State PUBLISHED

Description

FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple third parties because there are no realistic use cases in which FFmpeg.java uses untrusted input for the path of the executable file.

← Browse all CVEs View on cve.org ↗