216.73.217.64

CVE-2024-35369

· Published 29/11/2024 17:15 · Modified 29/11/2024 18:15

Labels: CVE-2024-35369 2024-11-29CVE-2024-35369CWE-190[email protected]

Essential information

Published
29/11/2024 17:15
Modified
29/11/2024 18:15
Author
Creator
CVSS
5.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS metrics

Description

In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in undefined behavior or crashes during the decoding process.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References