CVE-2024-35366

ADVISORY - nist

Summary

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking.

EPSS Score: 0.00621 (0.455)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Integer Overflow or Wraparound


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in