[Libav-user] WebP library vulnerability in ffmpeg

Kumar, Rahul Rahul.Kumar8 at Honeywell.com
Wed Oct 18 14:38:03 EEST 2023

Hi Team,

we are using ffmpeg 5.0.1 libraries in our application. Recently vulnerabilities has been reported in  WebP library . And looks like  Ffmpeg also uses  WebP library  https://github.com/FFmpeg/FFmpeg/blob/n6.0/libavcodec/webp.c .

It says libwebp 1.3.2 is affected . Can you let us know which version of libwebp we are using in Ffmpeh 5.0.1 ?
Can someone confirm if ffmpeg 5.0.1 is also affected by this vulnerability ?  And when is it expected to get fix for this vulnerability in ffmpeg ?

Rahul K

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://ffmpeg.org/pipermail/libav-user/attachments/20231018/d353b90e/attachment.htm>

More information about the Libav-user mailing list