CVE-2024-31585 — Off-by-one Error in Ffmpeg
Severity
5.3MEDIUMNVD
OSV8.0
EPSS
0.0%
top 93.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 17
Latest updateMay 30
Description
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:HExploitability: 0.8 | Impact: 4.0
Affected Packages3 packages
Also affects: Fedora 38, 39, 40