CVE-2023-6604

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 6, 2025
CWE ID 94
CWE ID 99

Summary

CVE-2023-6604 is a vulnerability affecting FFmpeg, a widely-used multimedia framework. This issue permits unexpected CPU load and storage consumption when processing XBIN-formatted data without proper validation. The flaw can result in degraded performance or even denial of service, making it a significant concern for organizations and individuals relying on FFmpeg for multimedia processing tasks. Attackers could potentially exploit this vulnerability by demuxing arbitrary data in the XBIN format, thereby causing unwanted resource usage and potential disruptions.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share