AVG-605

Package mpv
Status Fixed
Severity High
Type arbitrary code execution
Affected 1:0.27.0-6
Fixed 1:0.27.1-1
Current 1:0.29.1-5 [community]
Ticket None
Created Sat Feb 3 10:18:58 2018
Issue Severity Remote Type Description
CVE-2018-6360 High Yes Arbitrary code execution
mpv allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts...
Date Advisory Package Description
13 Feb 2018 ASA-201802-7 mpv arbitrary code execution
References
https://github.com/mpv-player/mpv/releases/tag/v0.27.1
Notes
Not fixed in 0.28