PT-2025-1563 · FFmpeg+1 · Ffmpeg+1

Harvey Phillips

Published

2023-12-01

Updated

2025-11-21

CVE-2023-6604

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions FFmpeg (affected versions not specified)

Description A flaw was found in FFmpeg, allowing unexpected additional CPU load and storage consumption. This can lead to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94CWE-99

Related Identifiers

BDU:2026-02729

CVE-2023-6604

DLA-4241-1

DSA-5985-1

MGASA-2025-0306

Affected Products

Debian

Ffmpeg

PT-2025-1563 · FFmpeg+1 · Ffmpeg+1

CVE-2023-6604

Weakness Enumeration

Related Identifiers

Affected Products

References · 24