FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the application.
References
Configurations
History
03 Jun 2025, 15:30
Type | Values Removed | Values Added |
---|---|---|
First Time |
Fedoraproject fedora
Fedoraproject Ffmpeg Ffmpeg ffmpeg |
|
References | () https://gist.github.com/1047524396/a7e9273e12553775826784035333cdd8 - Third Party Advisory | |
References | () https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavcodec/cbs_h266_syntax_template.c#L2048 - Product | |
References | () https://github.com/ffmpeg/ffmpeg/commit/ce0c178a408d43e71085c28a47d50dc939b60196 - Patch | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ - Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/ - Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/ - Third Party Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* cpe:2.3:a:ffmpeg:ffmpeg:6.1:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* |
21 Nov 2024, 09:13
Type | Values Removed | Values Added |
---|---|---|
References | () https://gist.github.com/1047524396/a7e9273e12553775826784035333cdd8 - | |
References | () https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavcodec/cbs_h266_syntax_template.c#L2048 - | |
References | () https://github.com/ffmpeg/ffmpeg/commit/ce0c178a408d43e71085c28a47d50dc939b60196 - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/ - |
01 Aug 2024, 13:50
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-129 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
10 Jun 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References |
|
17 Apr 2024, 20:08
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-17 19:15
Updated : 2025-06-03 15:30
NVD link : CVE-2024-31581
Mitre link : CVE-2024-31581
CVE.ORG link : CVE-2024-31581
JSON object : View
Products Affected
ffmpeg
- ffmpeg
fedoraproject
- fedora
CWE
CWE-129
Improper Validation of Array Index