CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-23318

A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.6%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 5.8

References

https://github.com/ganaware/pcf2bdf
https://github.com/ganaware/pcf2bdf/issues/4
https://github.com/ganaware/pcf2bdf
https://github.com/ganaware/pcf2bdf/issues/4

Products affected by CVE-2022-23318

Pcf2bdf Project » Pcf2bdf » Version: 1.04

cpe:2.3:a:pcf2bdf_project:pcf2bdf:1.04
Pcf2bdf Project » Pcf2bdf » Version: 1.05

cpe:2.3:a:pcf2bdf_project:pcf2bdf:1.05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-23318

Products

Pricing

Contact Us