FFmpeg is vulnerable to information disclosure. The library does not properly handle HTTP Live Streaming filename extensions and demuxer names. A malicious user can pass playlist files to the system to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
ffmpeg | le | 2.8.3 | |
ffmpeg:3.4 | eq | 3.0.7-r0 |