CVE-2024-45508

Summary

CVE-2024-45508 is a critical vulnerability affecting HTMLDOC versions prior to 1.9.19, characterized by an out-of-bounds write in the parse_paragraph function due to improper handling of leading whitespace in whitespace-only nodes. This vulnerability has a base score of 9.8 and poses significant risks, including high impacts on confidentiality, integrity, and availability, as it can be exploited remotely without user interaction. Organizations using affected products should prioritize upgrading to HTMLDOC version 1.9.19 or later to mitigate this risk effectively. The exploitability score for this vulnerability is rated at 3.9, indicating a low attack complexity with serious potential consequences if exploited. References for further details and patches can be found on GitHub's issue tracking pages related to HTMLDOC updates.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.