CVE-2024-36617
- Source
- https://cve.org/CVERecord?id=CVE-2024-36617
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36617.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-36617
- Downstream
- Published
- 2024-11-29T18:15:07.230Z
- Modified
- 2026-03-02T08:08:41.218129Z
- Severity
-
- 6.2 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
- References
Affected packages
Git / github.com/ffmpeg/ffmpeg
Affected ranges
- Type
- GIT
- Repo
- https://github.com/ffmpeg/ffmpeg
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixed
Affected versions
n4.*
n4.3
n4.3-dev
n4.3.1
n4.3.2
n4.3.3
n4.3.4
n4.3.5
n4.3.6
n4.4
n4.4-dev
n4.4.1
n4.4.2
n4.4.3
n4.4.4
n4.5-dev
n5.*
n5.1-dev
n5.2-dev
n6.*
n6.1
n6.1-dev
n6.1.1
n6.2-dev
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36617.json"
vanir_signatures
[
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"44973636752222320202739228100696163360",
"274436137156896354455671107439876243104",
"184972138392671777370760264547244923719",
"236992614078391776037833767438845251703"
]
},
"source": "https://github.com/ffmpeg/ffmpeg/commit/d973fcbcc2f944752ff10e6a76b0b2d9329937a7",
"signature_type": "Line",
"id": "CVE-2024-36617-1c8c6403",
"target": {
"file": "libavformat/cafdec.c"
}
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "82835186559573989995264497669114067249",
"length": 1265.0
},
"source": "https://github.com/ffmpeg/ffmpeg/commit/d973fcbcc2f944752ff10e6a76b0b2d9329937a7",
"signature_type": "Function",
"id": "CVE-2024-36617-b1262d81",
"target": {
"file": "libavformat/cafdec.c",
"function": "read_pakt_chunk"
}
}
]