Sign In

CVE-2024-56431

ADVISORY - nist

Summary

oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash.

EPSS Score: 0.10336 (0.930)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-863

Incorrect Authorization

ADVISORY - redhat

CWE-1335

Incorrect Bitwise Shift of Integer

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2024-56431
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-863

CVSS SCORE

9.8critical

Debian

CREATED

UPDATED

ADVISORY IDCVE-2024-56431
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2024-56431
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

UPDATED

ADVISORY IDALAS2-2025-2830
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2024-56431
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-1335

CVSS SCORE

3.3low