CVE-2024-4435

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published May 21, 2024
CWE ID 401

Summary

CVE-2024-4435 is a cyber vulnerability that affects multiple products, including wE5Afc, wE2syY, wE4n1g, and wE2syZ. The vulnerability occurs when storing unbounded types in a BTreeMap, causing memory chunks to remain allocated even after deallocation, resulting in a memory leak. This could be exploited by an adversary to interact with the affected system and consume excessive amounts of memory or potentially cause it to run out of memory. The issue has been fixed in version 0.6.4 by changing the logic for deallocating nodes to ensure all memory chunks are properly deallocated. Users are advised to upgrade to this version to mitigate the vulnerability.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-4435 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options