CVE-2023-6601

ADVISORY - nist

Summary

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions.

EPSS Score: 0.00397 (0.318)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Improper Control of Generation of Code ('Code Injection')

Improper Control of Resource Identifiers ('Resource Injection')


NIST

CREATED

UPDATED

ADVISORY IDCVE-2023-6601
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

4.7medium

Debian

CREATED

UPDATED

ADVISORY IDCVE-2023-6601
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2023-6601
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium