CVE-2023-48909

HIGH

aarboard jave2 3.3.1 - Remote Code Execution via FFmpeg Function

Title source: llm
STIX 2.1

Description

An issue was discovered in Jave2 version 3.3.1, allows attackers to execute arbitrary code via the FFmpeg function.

Scores

CVSS v3 8.8
EPSS 0.0091
EPSS Percentile 55.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

Status published
Products (1)
aarboard/jave2 3.3.1
Published Jan 12, 2024
Tracked Since Feb 18, 2026