Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-48855

Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.

Published

2025-01-14T19:15:31.413

Last Modified

2025-01-21T18:07:12.777

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-125
Type: Primary
CWE-125

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	blackberry	qnx_software_development_platform	7.0	Yes
Application	blackberry	qnx_software_development_platform	7.1	Yes
Application	blackberry	qnx_software_development_platform	8.0	Yes

References

https://support.blackberry.com/pkb/s/article/140334 Vendor Advisory ([email protected])