CVE-2024-1580 - CERT CVE

  1. CVE-2024-1580

ID CVE-2024-1580
Sažetak An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.
Reference
CVSS
Base: 5.9
Impact: 4.7
Exploitability:1.2
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK HIGH LOW
Impact
PovjerljivostCjelovitostDostupnost
LOW HIGH LOW
CVSS vektor CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
Zadnje važnije ažuriranje 13-02-2025 - 18:16
Objavljeno 19-02-2024 - 11:15