
{
"id": "CVE-2024-35366",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-29T20:15:19.863",
"lastModified": "2024-12-03T14:15:20.107",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FFmpeg n6.1.1 is affected by an integer overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking."
},
{
"lang": "es",
"value": "FFmpeg n6.1.1 est\u00e1 afectado por un desbordamiento de enteros. La vulnerabilidad existe en la funci\u00f3n parse_options de sbgdec.c dentro del m\u00f3dulo libavformat. Al analizar ciertas opciones, el software no valida adecuadamente la entrada. Esto permite que se acepten valores de duraci\u00f3n negativos sin una verificaci\u00f3n de los l\u00edmites adecuada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/1047524396/1e72f170d58c2547ebd4db4cdf6cfabf",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavformat/sbgdec.c#L389",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ffmpeg/ffmpeg/commit/0bed22d597b78999151e3bde0768b7fe763fc2a6",
"source": "cve@mitre.org"
}
]
}