How severe is CVE-2024-32035?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2024-32035?

This is classified as CWE-789, which is a common weakness in software security.

CVE-2024-32035

MEDIUM Year: 2024

CVSS v3 Score

6.5

Medium

Weakness Type

CWE-789

View all →

Vulnerability Description

ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. This flaw can be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on ImageSharp for image processing tasks. Users and administrators are advised to update to the latest version of ImageSharp that addresses this vulnerability to mitigate the risk of exploitation. The problem has been patched in v3.1.4 and v2.1.8.

CVE-2018-12541

MEDIUM

CVSS:6.5(Medium)

In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There s...

CWE-7892018

CVE-2020-8551

MEDIUM

CVSS:6.5(Medium)

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP ...

CWE-7892020

CVE-2022-22226

MEDIUM

CVSS:6.5(Medium)

In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthentic...

CWE-7892022

CVE-2022-4741

MEDIUM

CVSS:6.5(Medium)

A vulnerability was found in docconv up to 1.2.0 and classified as problematic. This issue affects the function ConvertDocx/ConvertODT/ConvertPages/ConvertXML/XMLToText. The manipulation leads to unco...

CWE-7892022

CVE-2023-20089

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacen...

CWE-7892023

CVE-2023-20202

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS)...

CWE-7892023

CVE-2024-32035

Vulnerability Description

Related Vulnerabilities

CVE-2018-12541

CVE-2020-8551

CVE-2022-22226

CVE-2022-4741

CVE-2023-20089

CVE-2023-20202