CVE-2024-1580

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-1580
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1580.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-1580
Downstream
Related
Published
2024-02-19T11:15:08Z
Modified
2025-08-09T19:01:27Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.

References

Affected packages