Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-05-03
Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution.
CVSS Score
9.8
EPSS Score
0.019
Published
2024-05-01