CVE-2024-56431
CRITICALDescription
oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash.
Is your site exposed to CVE-2024-56431?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| xiph | theora |
References
Other References
Frequently Asked Questions
What is CVE-2024-56431? +
How severe is CVE-2024-56431? +
What products are affected by CVE-2024-56431? +
How do I check if I'm vulnerable to CVE-2024-56431? +
Related Vulnerabilities
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. From version …
MISP’s importModule() path used getEnabledModule() to resolve a single import module by name, but this lookup did not enforce the …
Pelican is a platform for creating data federations. From versions 7.21.0 to before 7.21.5, 7.22.0 to before 7.22.3, 7.23.0 to …
Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, `pages.access/list` and `files.access/list` permissions are not consistently …
An incorrect authorization vulnerability in MISP allows an organization administrator to target site administrator accounts belonging to the same organization …
Data Space Portal is an open-source Software as a Service (SaaS) solution designed to streamline Dataspace management. From version 2.1.1 …