#8421 closed defect (invalid)
Binary scan vulnerability in Dependent dlls used by FFMPEG
| Reported by: | rahul.singh | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | undetermined |
| Version: | unspecified | Keywords: | |
| Cc: | Prabhakar.Krishnakumar@Honeywell.com, PavanKumar.Puchala@Honeywell.com | Blocked By: | |
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description
Below are some vulnerability we found in our Binary scan of FFMPEG executable files
Component :libxml2
CVE-2018-14404
CVE-2018-14567
CVE-2018-9251
Component :Libvorbis
CVE-2018-10392
CVE-2018-10393
Can we get a confirmation that this vulnerabilities are going to be resolved in future release.
Thanks,
Rahul Singh
Change History (2)
comment:1 by , 4 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
| Version: | 4.2 → unspecified |
comment:2 by , 4 years ago
Additionally, FFmpeg itself does not distribute or host binaries. If you found a specific binary to be distributed with an out-of-date library, you should contact whomever creates them.
Note:
See TracTickets
for help on using tickets.
Neither libxml nor libvorbis are part of the FFmpeg project.