PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an integer overflow via the component plutosvg_load_from_memory.
References
Link | Resource |
---|---|
https://gist.github.com/sunwithmoon/3f810c27d2e553f9d31bd7c50566f15b#file-cve-2023-44709 | Third Party Advisory |
https://github.com/sammycage/plutosvg/issues/7 | Exploit Issue Tracking |
https://gist.github.com/sunwithmoon/3f810c27d2e553f9d31bd7c50566f15b#file-cve-2023-44709 | Third Party Advisory |
https://github.com/sammycage/plutosvg/issues/7 | Exploit Issue Tracking |
Configurations
History
21 Nov 2024, 08:26
Type | Values Removed | Values Added |
---|---|---|
References | () https://gist.github.com/sunwithmoon/3f810c27d2e553f9d31bd7c50566f15b#file-cve-2023-44709 - Third Party Advisory | |
References | () https://github.com/sammycage/plutosvg/issues/7 - Exploit, Issue Tracking |
19 Dec 2023, 19:09
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:sammycage:plutosvg:-:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | () https://gist.github.com/sunwithmoon/3f810c27d2e553f9d31bd7c50566f15b#file-cve-2023-44709 - Third Party Advisory | |
References | () https://github.com/sammycage/plutosvg/issues/7 - Exploit, Issue Tracking | |
CWE | CWE-190 |
14 Dec 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-14 06:15
Updated : 2024-11-21 08:26
NVD link : CVE-2023-44709
Mitre link : CVE-2023-44709
CVE.ORG link : CVE-2023-44709
JSON object : View
Products Affected
sammycage
- plutosvg
CWE
CWE-190
Integer Overflow or Wraparound