vulnerability

FFmpeg: CVE-2017-9993: Unspecified Security Vulnerability

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Jun 28, 2017
Added
Sep 29, 2017
Modified
Apr 25, 2025

Description

FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files via crafted playlist data.

Solution(s)

ffmpeg-upgrade-2_4_14ffmpeg-upgrade-2_8_12ffmpeg-upgrade-3_0_9ffmpeg-upgrade-3_1_9ffmpeg-upgrade-3_2_6ffmpeg-upgrade-3_3_2
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.