CVE-2024-0145

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Feb 12, 2025

CWE ID 122

Summary

CVE-2024-0145 is a newly disclosed vulnerability affecting NVIDIA's nvJPEG2000 library. This issue arises due to a heap-based buffer overflow, which can be triggered by a maliciously crafted JPEG2000 file. Successful exploitation of this vulnerability could result in attackers executing arbitrary code or tampering with data. This vulnerability poses a significant risk, particularly in environments where JPEG2000 files are commonly used. Users are urged to update their libraries as soon as patches become available to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3QzW6G
https://www.cve.org/CVERecord?id=CVE-2024-0145
https://nvd.nist.gov/vuln/detail/CVE-2024-0145

Back to Vulnerability Database

CVE-2024-0145

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations