CVE-2024-22860
FFmpeg before n6.1 is vulnerable to an integer overflow in the JPEG XL Animation decoder (jpegxl_anim_read_packet), enabling remote code execution. The issue affects FFmpeg’s handling of that component and is classified as critical by CVSS v3.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The vulnerabi...