CVE-2024-1580
Published Feb 19, 2024
Last updated 8 months ago
Overview
- Description
- An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.
- Source
- cve-coordination@google.com
- NVD status
- Awaiting Analysis
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 5.9
- Impact score
- 4.7
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
- Severity
- MEDIUM
Weaknesses
- cve-coordination@google.com
- CWE-190