7.5
CVE-2024-48854
- EPSS 0.2%
- Veröffentlicht 14.01.2025 19:15:31
- Zuletzt bearbeitet 21.01.2025 18:07:08
- Quelle secure@blackberry.com
- Teams Watchlist Login
- Unerledigt Login
Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Blackberry ≫ Qnx Software Development Platform Version7.0
Blackberry ≫ Qnx Software Development Platform Version7.1
Blackberry ≫ Qnx Software Development Platform Version8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.424 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| secure@blackberry.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-193 Off-by-one Error
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.