CVE-2024-24246

Name: CVE-2024-24246
Description: Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.
NVD Severity: unknown

References

| Type | URI |
|---|---|
| cve@mitre.org | https://github.com/qpdf/qpdf/issues/1123 |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WLK6ICPJUMOJNHZQWXAA5MPXG5JHZZL/ |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FX3D3YCNS6CQL3774OFUROLP3EM25ILC/ |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3N6TULMEYVCLXO47Y5W4VWCJMSB72CB/ |

Match rules

| CPE URI | Source package | Min version | Max version |
|---|---|---|---|
| cpe:2.3:a:qpdf_project:qpdf:11.9.0:*:*:*:*:*:*:* | qpdf | == None | == 11.9.0 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
|---|---|---|---|---|
| qpdf | edge-community | 11.9.1-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| qpdf | 3.20-community | 11.9.1-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |