Search for vulnerabilities
Vulnerability details: VCID-z96x-kd83-aaan
Vulnerability ID VCID-z96x-kd83-aaan
Aliases CVE-2024-31582
Summary FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.
Status Published
Exploitability 0.5
Weighted Severity 3.8
Risk 1.9
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00041 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
epss 0.00188 https://api.first.org/data/v1/epss?cve=CVE-2024-31582
cvssv3.1 7.6 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-31582
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31582
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://gist.github.com/1047524396/b47d5efe3bc420fb91dbb77c73c0fff3
https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavfilter/vf_codecview.c#L220
https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
CVE-2024-31582 https://nvd.nist.gov/vuln/detail/CVE-2024-31582
USN-6803-1 https://usn.ubuntu.com/6803-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.03151
EPSS Score 0.00018
Published At May 26, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2024-04-23T17:19:45.132894+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2024-31582 34.0.0rc4