CVE-2024-22957

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 19, 2024

Updated: Jan 25, 2024

CWE ID 125

Summary

CVE-2024-22957 is a newly identified vulnerability affecting swftools version 0.9.2. This issue stems from an Out-of-bounds Read flaw in the function "dict_do_lookup" found in the file "q.c" located at line 1190. An attacker can potentially exploit this vulnerability by reading memory outside of the intended bounds during the lookup process, leading to potential security breaches or crashes. Users are advised to update swftools to a patched version as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Swftools

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uGz0uW
https://www.cve.org/CVERecord?id=CVE-2024-22957
https://nvd.nist.gov/vuln/detail/CVE-2024-22957

Back to Vulnerability Database

CVE-2024-22957

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations