Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ffmpeg: hls unsafe file extension bypass in ffmpeg
Vulnerability Description
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Vulnerability Type
对资源描述符的控制不恰当(资源注入)
Vulnerability Title
FFmpeg 安全漏洞
Vulnerability Description
FFmpeg是FFmpeg团队的一套可录制、转换以及流化音视频的完整解决方案。 FFmpeg存在安全漏洞,该漏洞源于可绕过不安全的文件扩展名检查,从而通过附加特定文件扩展名的base64编码数据URI触发任意解复用器。
CVSS Information
N/A
Vulnerability Type
N/A