ZDI-25-165: Apple macOS ImageIO JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Read Time:16 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-54499.

containernetworking-plugins-1.5.1-2.fc40

FEDORA-2025-f87fe38331 Packages in this update: containernetworking-plugins-1.5.1-2.fc40 Update description: Resolve FTBFS and rhbz#2351926 Read More

March 29, 2025

matrix-synapse-1.111.1-4.fc40

FEDORA-2025-cef83410f7 Packages in this update: matrix-synapse-1.111.1-4.fc40 Update description: Backport fixes from v1.127.1 Read More

March 29, 2025

matrix-synapse-1.118.0-4.fc41

FEDORA-2025-cddcfd6518 Packages in this update: matrix-synapse-1.118.0-4.fc41 Update description: Backport fixes from v1.127.1 Read More

March 29, 2025

matrix-synapse-1.127.1-1.fc42

FEDORA-2025-63751ef564 Packages in this update: matrix-synapse-1.127.1-1.fc42 Update description: Update to v1.127.1 (CVE-2025-30355) Read More

March 29, 2025

cri-tools1.29-1.29.0-11.fc41

FEDORA-2025-37c6639afe Packages in this update: cri-tools1.29-1.29.0-11.fc41 Update description: Resolve FTBFS Resolves: rhbz#2352149 Adopt trivy for license detection to be consistent...

March 29, 2025

cri-tools1.29-1.29.0-11.fc42

FEDORA-2025-adae8279e3 Packages in this update: cri-tools1.29-1.29.0-11.fc42 Update description: Resolve FTBFS Resolves: rhbz#2352149 Adopt trivy for license detection to be consistent...

March 29, 2025

Friday Squid Blogging: Squid Werewolf Hacking Group

Solar Power System Vulnerabilities Could Result in Blackouts

Nine in Ten Healthcare Organizations Use the Most Vulnerable IoT Devices

VanHelsing ransomware: what you need to know

Trump CISA Cuts Threaten US Election Integrity, Experts Warn

Morphing Meerkat PhaaS Platform Spoofs 100+ Brands

AIs as Trusted Third Parties

CoffeeLoader Malware Loader Linked to SmokeLoader Operations

When Getting Phished Puts You in Mortal Danger

ZDI-25-165: Apple macOS ImageIO JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

containernetworking-plugins-1.5.1-2.fc40

matrix-synapse-1.111.1-4.fc40

matrix-synapse-1.118.0-4.fc41

matrix-synapse-1.127.1-1.fc42

cri-tools1.29-1.29.0-11.fc41

cri-tools1.29-1.29.0-11.fc42