Redhat.comRH:CVE-2024-24246CVE-2024-24246
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.5%
A flaw was found in qpdf. Processing a specially crafted JSON file using the --json-input command line option may lead to a heap-based buffer over-read, resulting in an application crash.
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.5%