119 matches found

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux - vulnerability in dav1d

An integer overflow occurs in the dav1d AV1 decoder, which can happen when decoding videos with a large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading to a version later than 1.4.0 of dav1d...

CVSS 8.8, AI score 7, EPSS 0.00584
Exploits: 0, References: 2

OSV
added 2026/03/29 6:42 p.m., 1 view

ROOT-OS-ALPINE-318-CVE-2024-1580 CVE-2024-1580 in rootio-dav1d - Patched by Root

Root has patched CVE-2024-1580 in the rootio-dav1d package for Root:Alpine:3.18. Multiple fixed versions available...

CVSS 8.8, AI score 5.4, EPSS 0.00584
Exploits: 0

Fedora
added 2026/02/11 1:0 a.m., 2 views

[SECURITY] Fedora 42 Update: rust-gst-plugin-dav1d-0.13.7-2.fc42

GStreamer dav1d AV1 decoder Plugin...

CVSS 7.5, AI score 5.4, EPSS 0.0004
Exploits: 1

Fedora
added 2026/02/10 1:34 a.m., 2 views

[SECURITY] Fedora 43 Update: rust-gst-plugin-dav1d-0.14.0-3.fc43

GStreamer dav1d AV1 decoder Plugin...

CVSS 7.5, AI score 5.4, EPSS 0.0004
Exploits: 1

RedhatCVE
added 2025/12/09 5:27 p.m., 1 view

CVE-2025-48592

In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.5, AI score 6.5, EPSS 0.00057
Exploits: 0, References: 1

EUVD
added 2025/12/08 6:30 p.m., 0 views

EUVD-2025-201764

In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.5, AI score 6, EPSS 0.00057
Exploits: 0, References: 3

OSV
added 2025/12/08 5:16 p.m., 0 views

CVE-2025-48592

In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.5, AI score 6.2, EPSS 0.00057
Exploits: 0, References: 2

NVD
added 2025/12/08 5:16 p.m., 3 views

CVE-2025-48592

In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.5, EPSS 0.00057
Exploits: 0, References: 2

Cvelist
added 2025/12/08 4:57 p.m., 15 views

CVE-2025-48592

In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

EPSS 0.00057
Exploits: 0, References: 2

OSV
added 2025/12/01 12:0 a.m., 6 views

ASB-A-427113482

In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.5, AI score 6.4, EPSS 0.00057
Exploits: 0, References: 2

OSV
added 2025/10/31 2:14 p.m., 3 views

OESA-2025-2614 dav1d security update

dav1d is a new AV1 cross-platform Decoder, open-source, and focused on speed and correctness. Security Fixes: An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past...

CVSS 8.8, AI score 7.3, EPSS 0.00584
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2023-36814

Malicious code in bioql PyPI...

CVSS 5.9, AI score 5.8, EPSS 0.00083
Exploits: 0, References: 7

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-17324

Malicious code in bioql PyPI...

CVSS 8.8, AI score 6.8, EPSS 0.00584
Exploits: 0, References: 15

Rosalinux
added 2025/09/11 9:59 a.m., 4 views

Advisory ROSA-SA-2025-2992

Software: dav1d 1.3.0 AXIS: ROSA-CHROME unaffected versions = dav1d-1.3.0-2 affected versions dav1d-1.3.0-2 CVE-ID: CVE-2024-1580 BDU-ID: 2024-04901 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the dav1d decoder of the iOS, iPadOS, visionOS, macOS, Fedora, and Safari browser operating systems i...

CVSS 8.8, AI score 7.7, EPSS 0.00584
Exploits: 0

Microsoft CVE
added 2025/09/03 9:44 p.m., 1 view

VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.

...

CVSS 5.9, AI score 7, EPSS 0.00083
Exploits: 0

Tenable Nessus
added 2025/08/27 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-1580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. W...

CVSS 8.8, AI score 6.7, EPSS 0.00584
Exploits: 0, References: 2

OSV
added 2025/08/12 8:24 a.m., 1 view

ROOT-OS-DEBIAN-12-CVE-2023-32570 CVE-2023-32570 in rootio-dav1d - Patched by Root

Root has patched CVE-2023-32570 in the rootio-dav1d package for Root:Debian:12. Multiple fixed versions available...

CVSS 5.9, AI score 5.4, EPSS 0.00083
Exploits: 0

Tenable Nessus
added 2025/07/25 12:0 a.m., 1 view

NewStart CGSL MAIN 7.02 : dav1d Vulnerability (NS-SA-2025-0159)

The remote NewStart CGSL host, running version MAIN 7.02, has dav1d packages installed that are affected by a vulnerability: - An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommen...

CVSS 8.8, AI score 6.8, EPSS 0.00584
Exploits: 0, References: 3

Tenable Nessus
added 2025/06/16 12:0 a.m., 2 views

TencentOS Server 4: dav1d (TSSA-2024:0971)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0971 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 8.8, AI score 6.7, EPSS 0.00584
Exploits: 0, References: 2

OpenVAS
added 2025/02/25 12:0 a.m., 4 views

openSUSE Security Advisory (SUSE-SU-2024:0964-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 7.2, EPSS 0.00584
Exploits: 0, References: 4