How severe is CVE-2024-7883?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2024-7883?

This is classified as CWE-226, which is a common weakness in software security.

CVE-2024-7883

LOW Year: 2024

CVSS v3 Score

3.7

Low

Weakness Type

CWE-226

View all →

Vulnerability Description

When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state. This allows an attacker to read a limited quantity of Secure stack contents with an impact on confidentiality. This issue is specific to code generated using LLVM-based compilers.

CVE-2020-27218

MEDIUM

CVSS:4.8(Medium)

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients ...

CWE-2262020

CVE-2019-1573

LOW

CVSS:2.5(Low)

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to i...

CWE-2262019

CVE-2023-1637

MEDIUM

CVSS:5.5(Medium)

A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CP...

CWE-2262023

CVE-2023-3006

MEDIUM

CVSS:5.5(Medium)

A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malici...

CWE-2262023

CVE-2025-48066

MEDIUM

CVSS:5.5(Medium)

wire-webapp is the web application for the open-source messaging service Wire. A bug fix caused a regression causing an issue with function to delete local data. Instructing the client to delete its l...

CWE-2262025

CVE-2022-39393

HIGH

CVSS:8.6(High)

Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused ...

CWE-2262022

CVE-2024-7883

Vulnerability Description

Related Vulnerabilities

CVE-2020-27218

CVE-2019-1573

CVE-2023-1637

CVE-2023-3006

CVE-2025-48066

CVE-2022-39393