Search for vulnerabilities
Vulnerability details: VCID-w3mw-u8jt-aaak
Vulnerability ID VCID-w3mw-u8jt-aaak
Aliases CVE-2024-31585
Summary FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Status Published
Exploitability 0.5
Weighted Severity 3.2
Risk 1.6
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00034 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
epss 0.00083 https://api.first.org/data/v1/epss?cve=CVE-2024-31585
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-31585
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://gist.github.com/1047524396/dc2c64ffe0c3934a6176bcd2c5cf5656
https://git.ffmpeg.org/gitweb/ffmpeg.git/blobdiff/aec67d3d7d2895bfea61aa1358d9d8e956f8615c..ab0fdaedd1e7224f7e84ea22fcbfaa4ca75a6c06:/libavfilter/avf_showspectrum.c
https://git.ffmpeg.org/gitweb/ffmpeg.git/blobdiff/bf2d7b20ea1c7d15dcbaedd479f40295e5c83430..3061bf668feffc7c1f0b244205167b3b86da8015:/libavfilter/avf_showspectrum.c
https://github.com/FFmpeg/FFmpeg/commit/3061bf668feffc7c1f0b244205167b3b86da8015
https://github.com/FFmpeg/FFmpeg/commit/81df787b53eb5c6433731f6eaaf7f2a94d8a8c80
https://github.com/ffmpeg/ffmpeg/commit/ab0fdaedd1e7224f7e84ea22fcbfaa4ca75a6c06
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
CVE-2024-31585 https://nvd.nist.gov/vuln/detail/CVE-2024-31585
USN-6803-1 https://usn.ubuntu.com/6803-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.05801
EPSS Score 0.00027
Published At May 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2024-04-23T17:19:45.189722+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2024-31585 34.0.0rc4