Search for vulnerabilities
Vulnerability details: VCID-zcxm-gvhc-aaaq
Vulnerability ID VCID-zcxm-gvhc-aaaq
Aliases CVE-2024-22862
Summary Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.
Status Published
Exploitability 0.5
Weighted Severity 8.8
Risk 4.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-190 Integer Overflow or Wraparound
System Score Found at
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00196 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00228 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.00228 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.01479 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.02219 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
epss 0.0693 https://api.first.org/data/v1/epss?cve=CVE-2024-22862
cvssv3.1 6.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 9.8 https://nvd.nist.gov/vuln/detail/CVE-2024-22862
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2024-22862
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-22862
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22862
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7
cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
CVE-2024-22862 https://nvd.nist.gov/vuln/detail/CVE-2024-22862
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-22862
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-22862
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.57960
EPSS Score 0.00196
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-01-27T08:15:13.743045+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2024-22862 34.0.0rc2