CVE-2024-32230

Published: 7/1/2024 Last updated: 3/14/2025 Reserved: 4/12/2024

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.1	7.8	High	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Opam packages affected (3)

conf-ffmpeg ffmpeg opus

Products affected (1)

Product	Vendor	Version
n/a	n/a	0.9.0.0 to 0.9.0.1

References (2)

https://trac.ffmpeg.org/ticket/10952
https://trac.ffmpeg.org/ticket/10952