Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-2241

Опубликовано: 22 апр. 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.3

Описание

A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 535a786f124b739e3c857529cecc29e4eeb79778. It is recommended to apply a patch to fix this issue. VDB-227226 is the identifier assigned to this vulnerability.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

vulnerability was not reproducible in 0.9.8
esm-apps/bionic

not-affected

vulnerability was not reproducible in 0.9.8
esm-apps/focal

not-affected

vulnerability was not reproducible in 0.9.8
esm-apps/jammy

not-affected

vulnerability was not reproducible in 0.9.8
esm-apps/noble

not-affected

vulnerability was not reproducible in 0.9.8
esm-apps/xenial

not-affected

vulnerability was not reproducible in 0.9.8
esm-infra-legacy/trusty

not-affected

vulnerability was not reproducible in 0.9.8
focal

not-affected

vulnerability was not reproducible in 0.9.8
jammy

not-affected

vulnerability was not reproducible in 0.9.8

Показывать по

Ссылки на источники

EPSS

Процентиль: 16%
0.00052
Низкий

4.3 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2023-2241

CVSS3: 5.3
nvd
почти 3 года назад

A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 535a786f124b739e3c857529cecc29e4eeb79778. It is recommended to apply a patch to fix this issue. VDB-227226 is the identifier assigned to this vulnerability.

debian логотип

CVE-2023-2241

CVSS3: 5.3
debian
почти 3 года назад

A vulnerability, which was classified as critical, was found in PoDoFo ...

github логотип

GHSA-v8x8-32r8-5x52

CVSS3: 5.3
github
почти 3 года назад

A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is 535a786f124b739e3c857529cecc29e4eeb79778. It is recommended to apply a patch to fix this issue. VDB-227226 is the identifier assigned to this vulnerability.

EPSS

Процентиль: 16%
0.00052
Низкий

4.3 Medium

CVSS2

5.3 Medium

CVSS3