Home
Packages
Report
Policy
Login
Signup
« List of all CVEs
CVE-2024-36617
Published:
11/29/2024
Last updated:
12/2/2024
Reserved:
5/30/2024
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
CNA assigner:
mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca)
Requested by:
n/a
Metrics
Version
Score
Severity
Vector String
3.1
6.2
Medium
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Opam packages affected (3)
conf-ffmpeg
ffmpeg
opus
Products affected (1)
Product
Vendor
Version
n/a
n/a
19.2.1
References (3)
https://github.com/ffmpeg/ffmpeg/commit/d973fcbcc2f944752ff10e6a76b0b2d9329937a7
https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavformat/cafdec.c#L274
https://gist.github.com/1047524396/f20749f8addc8f86de9cfacf17ba29df