Libpag

libpag

Vendor: Tencent • 2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-34408 1Tencent 1Libpag Sep 19, 2025 May 3, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file.
CVE-2024-33078 1Tencent 1Libpag Sep 15, 2025 May 1, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution.