VYPR

rpm package

opensuse/mpv&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/mpv&distro=openSUSE%20Tumbleweed

Vulnerabilities (1)

  • CVE-2018-6360HigJan 28, 2018
    affected < 0.33.1+git.20210630T163736.f2afae55e9-1.4fixed 0.33.1+git.20210630T163736.f2afae55e9-1.4

    mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdl_hook.lua. For example, an av://lav