CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-22860

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.6%

CVSS Severity

CVSS v3 Score 9.8

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61991
https://github.com/FFmpeg/FFmpeg/commit/d2e8974699a9e35cc1a926bf74a972300d629cd5
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61991
https://github.com/FFmpeg/FFmpeg/commit/d2e8974699a9e35cc1a926bf74a972300d629cd5

Products affected by CVE-2024-22860

Ffmpeg » Ffmpeg » Version: 6.1

cpe:2.3:a:ffmpeg:ffmpeg:6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22860

Products

Pricing

Contact Us