ZPLGFA 1.1.1 allows attackers to cause a panic (because of an integer index out of range during a ConvertToGraphicField call) via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence
References
Link | Resource |
---|---|
https://github.com/SimonWaldherr/zplgfa/pull/6 | Exploit Patch Third Party Advisory |
Configurations
History
07 Nov 2023, 04:16
Type | Values Removed | Values Added |
---|---|---|
Summary | ZPLGFA 1.1.1 allows attackers to cause a panic (because of an integer index out of range during a ConvertToGraphicField call) via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence |
08 Sep 2023, 17:58
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/SimonWaldherr/zplgfa/pull/6 - Exploit, Patch, Third Party Advisory | |
CPE | cpe:2.3:a:simonwaldherr:zplgfa:1.1.1:*:*:*:*:go:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
First Time |
Simonwaldherr
Simonwaldherr zplgfa |
|
CWE | CWE-129 |
05 Sep 2023, 06:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-05 05:15
Updated : 2024-08-02 17:16
NVD link : CVE-2023-36307
Mitre link : CVE-2023-36307
CVE.ORG link : CVE-2023-36307
JSON object : View
Products Affected
simonwaldherr
- zplgfa
CWE
CWE-129
Improper Validation of Array Index