CVE-2024-22860 | FFmpeg up to 6.0 JPEG XL Animation Decoder jpegxl_anim_read_packet integer overflow

Inserito da Angelo Barbosa | Gen 27, 2024 | CVE

A vulnerability was found in FFmpeg up to 6.0. It has been classified as critical. This affects the function jpegxl_anim_read_packet of the component JPEG XL Animation Decoder. The manipulation leads to integer overflow.

This vulnerability is uniquely identified as CVE-2024-22860. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-22860 | FFmpeg up to 6.0 JPEG XL Animation Decoder jpegxl_anim_read_packet integer overflow

Post correlati

CVE-2024-10466 | Mozilla Thunderbird up to 131 Push Message denial of service

CVE-2024-39303 | WeblateOrg weblate up to 5.6.1 ZIP File file inclusion (GHSA-jfgp-674x-6q4p)

CVE-2024-0379 | Custom Twitter Feeds Plugin up to 2.2.1 on WordPress Options Update cross-site request forgery

CVE-2024-38502 | Pepperl+Fuchs MOD-16RJ45 cross site scripting (VDE-2024-033)