Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-48854

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.

Published

2025-01-14T19:15:31.267

Last Modified

2025-01-21T18:07:08.960

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-193
Type: Primary
CWE-193

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	blackberry	qnx_software_development_platform	7.0	Yes
Application	blackberry	qnx_software_development_platform	7.1	Yes
Application	blackberry	qnx_software_development_platform	8.0	Yes

References

https://support.blackberry.com/pkb/s/article/140334 Vendor Advisory ([email protected])