CVE-2024-56139

Dec. 20, 2024, 9:15 p.m.

None
No Score

Description

pdftools is a high level tools to convert PDF files to ePUB formats. In versions up to and including 0.5.0 maliciously crafted epub files can cause a stack overflow leading to a crash. This issue has not yet been addressed and users are advised to avoid untrusted input to their systems.

Product(s) Impacted

Product Versions
pdftools
  • up to 0.5.0

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References

https://github.com/leonhad/pdftools/security/advisories/GHSA-hgvf-4pf3-fwc9
https://github.com/leonhad/pdftools/security/advisories/GHSA-hgvf-4pf3-fwc9

Tags

security-advisories@github.com
CWE-121
2024-12-17
CVE-2024-56139

Timeline

Published: Dec. 17, 2024, 7:15 p.m.
Last Modified: Dec. 20, 2024, 9:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security-advisories@github.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.