CVE-2024-0145

MEDIUM 6.8

CVSS Score

6.8

EPSS Score

0.0%

EPSS Percentile

0th

NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a heap-based buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering.

CWE	CWE-122
Vendor	nvidia
Product	nvjpeg2000
Published	Feb 12, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for nvidia nvjpeg2000

Be the first to know when new medium vulnerabilities affecting nvidia nvjpeg2000 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Affected Versions

NVIDIA / nvJPEG2000

0.8.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

nvidia.custhelp.com: https://nvidia.custhelp.com/app/answers/detail/a_id/5596 talosintelligence.com: https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2108 talosintelligence.com: https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2113