** DISPUTED ** FFmpeg 0.7.0 and... CVE-2023-39018

- AV AC AU C I A
发布: 2023-07-28
修订: 2024-04-11

** DISPUTED ** FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple third parties because there are no realistic use cases in which FFmpeg.java uses untrusted input for the path of the executable file.

0%
暂无可用Exp或PoC
当前有2条受影响产品信息