CVE-2024-56431

ADVISORY - nist

Summary

oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash.

EPSS Score⁠: 0.10336 (0.930)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-863⁠

Incorrect Authorization

ADVISORY - redhat

CWE-1335⁠

Incorrect Bitwise Shift of Integer

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.