Improper Isolation or Compartmentalization

CVE-2024-57720

Medium

6.5/10

Summary

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-653 - Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

References

Advisory Timeline

Published Jan 23, 2025

Improper Isolation or Compartmentalization

CVE-2024-57720

Summary

CWE-653 - Improper Isolation or Compartmentalization

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS