Segmentation Violation in lunasvg by Keepinggg
CVE-2024-57724

6.5MEDIUM

Key Information:

Vendor: Keepinggg
Status: lunasvg
Vendor: CVE Published:; 23 January 2025

What is CVE-2024-57724?

A vulnerability has been identified in lunasvg v3.0.0 that results in a segmentation violation within the gray_record_cell component. This issue could lead to unexpected application behavior or exploits that compromise the integrity of the system. It is crucial for developers and users of lunasvg to be aware of this vulnerability and evaluate their implementations to secure against potential impacts.

References

https://github.com/keepinggg/poc/blob/main/poc_of_lunasvg...

https://github.com/sammycage/lunasvg/issues/209

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 23, 2025