Vulnerability Details CVE-2024-45287
A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.5%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2024-45287
-
cpe:2.3:o:freebsd:freebsd:13.0
-
cpe:2.3:o:freebsd:freebsd:13.1
-
cpe:2.3:o:freebsd:freebsd:13.2
-
cpe:2.3:o:freebsd:freebsd:13.3
-
cpe:2.3:o:freebsd:freebsd:13.4
-
cpe:2.3:o:freebsd:freebsd:14.0
-
cpe:2.3:o:freebsd:freebsd:14.1