Critical
CVSS 9.8
Overview
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
CVE-2024-22860
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to...
Risk analysis
This vulnerability is rated 🔴 CRITICAL.
- CVSS: 9.8 (CRITICAL)
- Detected tags: int_overflow, rce (tag impact: VERY HIGH)
Recommended actions:
- Patch/upgrade immediately (remote code execution).
- Reduce exposure (WAF/segmentation), minimize attack surface.