CVE-2024-7006
CVE Details
Last Update
11/7/24
NIST CVE Summary
A null pointer dereference flaw was found in Libtiff via tif_dirinfo.c. This issue may allow an attacker to trigger
memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a
segmentation fault. This can cause an application crash, eventually leading to a denial of service.
Our Official Summary
Investigation is ongoing to determine how this vulnerability affects our products.
CVE Severity
Status
Ongoing
Affected Products & Versions
- Palette Enterprise airgap 4.5.3, 4.5.8
- Palette Enterprise 4.5.3, 4.5.8
Revision History
- 1.0 10/14/24 Initial Publication
- 2.0 10/14/2024 Added Palette Enterprise and Palette Enterprise airgap 4.5.3 to Affected Products
- 3.0 11/7/2024 Added Palette Enterprise and Palette Enterprise airgap 4.5.8 to Affected Products