CVE-2024-13941

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Apr 1, 2025

Updated: Apr 2, 2025

CWE ID 119

Summary

CVE-2024-13941 is a critical vulnerability affecting the ouch-org ouch software up to version 0.3.1. The issue lies in the function "convert_zip_date_time" of the file "zip.rs," where manipulation of the argument month leads to memory corruption. This vulnerability can be exploited locally, and the exploit has been disclosed to the public. Upgrading to version 0.4.0 is the recommended solution to mitigate this memory corruption issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

OUCH protocol

Affected Vendors

Nasdaq

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/40KvdZ
https://www.cve.org/CVERecord?id=CVE-2024-13941
https://nvd.nist.gov/vuln/detail/CVE-2024-13941

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners