CVE-2024-9979

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Oct 15, 2024
CWE ID 416

Summary

CVE-2024-9979 is a vulnerability in PyO3: unsound borrowing from weak Python references leads to a use-after-free condition that may result in memory corruption or application crashes. Affected products include various versions of zeRkxD, zgFyl-, zeRkxE, and zeRkxF. To remediate this issue, organizations are advised to update their PyO3 installations following the guidance in the references. The vulnerability is rated medium severity with a CVSS base score of 5.3; exploitation requires low privileges and no user interaction. If left unaddressed, this flaw poses risks such as system instability and data integrity issues within affected applications.
