FFmpeg 0.7.0 and below exists to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple third parties because there are no realistic use cases in which FFmpeg.java uses untrusted input for the path of the executable file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bramp ffmpeg-cli-wrapper |