CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
57.3%
Integer overflow vulnerability in FFmpeg before n6.1, allows remote
attackers to execute arbitrary code via the JJPEG XL Parser.
bugs.chromium.org/p/oss-fuzz/issues/detail?id=62113
github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7
github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7 (n6.1)
launchpad.net/bugs/cve/CVE-2024-22862
nvd.nist.gov/vuln/detail/CVE-2024-22862
security-tracker.debian.org/tracker/CVE-2024-22862
www.cve.org/CVERecord?id=CVE-2024-22862
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
57.3%