[Libav-user] WebP library vulnerability in ffmpeg
Nicolas George
george at nsup.org
Wed Oct 18 16:36:26 EEST 2023
Kumar, Rahul via Libav-user (12023-10-18):
> It says libwebp 1.3.2 is affected . Can you let us know which version
> of libwebp we are using in Ffmpeh 5.0.1 ?
No. Only you know what libraries are linked with your build of FFmpeg.
> Can someone confirm if ffmpeg 5.0.1 is also affected by this
> vulnerability ? And when is it expected to get fix for this
> vulnerability in ffmpeg ?
FFmpeg might be affected if it is linked with an affected version of the
library, and is not affected if it is not.
Regards,
--
Nicolas George
More information about the Libav-user
mailing list