CVE-2024-32035

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Apr 15, 2024
Updated: Apr 16, 2024
CWE ID 789

Summary

CVE-2024-32035 is a newly discovered vulnerability affecting the ImageSharp library, a popular 2D graphics API. This issue arises when ImageSharp attempts to process maliciously crafted image files, resulting in excessive memory usage during decoding. The vulnerability can trigger a denial of service (DoS) attack by depleting process memory, impacting applications and services that utilize ImageSharp for image processing tasks. To mitigate the risk of exploitation, users and administrators are strongly encouraged to update to the latest versions, which are v3.1.4 and v2.1.8, that have been released to address this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share