CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-24960

A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on OSX; 9.2.0 on Linux; 9.2.0 on Windows.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.7%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

https://github.com/suletm/security_research/blob/main/CVE/CVE-2022-24960.json
https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/
https://github.com/suletm/security_research/blob/main/CVE/CVE-2022-24960.json
https://www.pdftron.com/nightly/#stable/2022-02-08/9.2/

Products affected by CVE-2022-24960

Linux » Linux Kernel » Version: N/A

cpe:2.3:a:linux:linux_kernel:-
Pdftron » Pdftron » Version: 9.2.0

cpe:2.3:a:pdftron:pdftron:9.2.0
Apple » Macos » Version: N/A

cpe:2.3:o:apple:macos:-
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24960

Products

Pricing

Contact Us