CVE-2024-0145

{"id": "CVE-2024-0145", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.6}]}, "published": "2025-02-12T01:15:08.630", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5596", "source": "psirt@nvidia.com"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2108", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2113", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-122"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a heap-based buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering."}, {"lang": "es", "value": "NVIDIA nvJPEG2000 librer\u00eda contiene una vulnerabilidad en la que un atacante puede provocar un problema de desbordamiento de b\u00fafer basado en el mont\u00f3n mediante un archivo JPEG2000 manipulado especialmente manipulado. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo y la manipulaci\u00f3n de datos."}], "lastModified": "2025-02-12T18:15:20.700", "sourceIdentifier": "psirt@nvidia.com"}