exploitDog

CVE-2023-44709

Опубликовано: 14 дек. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an integer overflow via the component plutosvg_load_from_memory.

Ссылки

https://gist.github.com/sunwithmoon/3f810c27d2e553f9d31bd7c50566f15b#file-cve-2023-44709
Third Party Advisory
https://github.com/sammycage/plutosvg/issues/7
Exploit
Issue Tracking
https://gist.github.com/sunwithmoon/3f810c27d2e553f9d31bd7c50566f15b#file-cve-2023-44709
Third Party Advisory
https://github.com/sammycage/plutosvg/issues/7
Exploit
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sammycage:plutosvg:-:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.0029

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-190

CWE-190

Связанные уязвимости

GHSA-pwjh-vjhv-xqmx

CVSS3: 9.8

github

около 2 лет назад

PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an integer overflow via the component plutosvg_load_from_memory.

EPSS

Процентиль: 52%

0.0029

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-190

CWE-190