Approved changes feed: RSS · Atom
cpe:2.3:a:npmjs:images:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Npmjs (2aae6668-c4e1-59dd-8ab1-44df3e459c48) |
|---|---|
| Product | Images (fbed006f-aad2-5f90-84b3-88a9ab9697e3) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-21523 |
vulnerable | 2026-06-08 06:27:35.483035 |
Details available
HIGH (7.5)
All versions of the package images are vulnerable to Denial of Service (DoS) due to providing unexpected input types to several different functions. This makes it possible to reach an assert macro, leading to a process crash.
**Note:**
By providing some specific integer values (like 0) to the size function, it is possible to obtain a Segmentation fault error, leading to the process crash.
Published: 2024-07-10T05:00:01.393Z
Updated: 2024-08-01T22:27:34.807Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.