CVE-2023-6604

MEDIUM5.3EPSS 0.11%

發布日:2025/1/6修改日:2026/4/28

描述

A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.

受影響套件(1)

Debian/ffmpegfrom 0, < 7:4.3.9-0+deb11u1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2023-6604