How severe is CVE-2024-48854?

CVE-2024-48854 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2024-48854

Name: qnx_software_development_platform
Author: blackberry

5.3MEDIUM

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image c

Published: 1/14/2025Updated: 1/21/2025

Description

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.

AI AnalysisPowered by AI

Affected Products

blackberryqnx_software_development_platform

7.0

blackberryqnx_software_development_platform

7.1

blackberryqnx_software_development_platform

8.0

References

https://support.blackberry.com/pkb/s/article/140334
Vendor Advisory