suse · CVE-2024-36616

Quick triage

Priority: medium Published: 2024-12-04 00:26:51 UTC Updated: 2026-03-05 02:29:35 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2024-36616 severity moderate: SUSE including 140 source package names (0.3.2-1.2:libavcodec58_134-4.4.6-150600.13.27.1, 0.3.2-1.2:libavformat58_76-4.4.6-150600.13.27.1, …), 244 product×package rows across 14 product lines (Container containers/lmcache-vllm-openai, Container containers/open-webui, … (14 product lines)): Fixed 244.

Description:

An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.

cvelogic Threat Intelligence