Advisory 2024-03/04 FFmpeg Vulnerabilities
Vulnerability types | Execution of arbitrary code, denial of service |
Severity factors | These vulnerabilities have CVSS severity ratings of 7.5 high to 9.8 critical. |
Versions affected | FileCloud version 23.232 is affected. |
Version fixed | FileCloud version 23.232.1 and later |
Description
An FFmpeg vulnerability could enable execution of arbitrary code or a denial of service attack.
Fix
FileCloud version 23.232.1.24856 upgrades FFmpeg to version 6.1.1, which does not include this vulnerability.
What you should do to fix this vulnerability
- If you are using FileCloud Server version 23.232, we recommended that you update to the latest version, which is 23.232.1.24856 or greater.
- If you are using FileCloud Online, your site has already been updated to the latest version.
If you have any questions about this advisory, please contact FileCloud support.