Vulnerability Details CVE-2023-4508
A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.4%
CVSS Severity
CVSS v3 Score 5.5
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4508
- https://github.com/gerbv/gerbv/commit/5517e22250e935dc7f86f64ad414aeae3dbcb36a
- https://github.com/gerbv/gerbv/issues/191
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4508
- https://github.com/gerbv/gerbv/commit/5517e22250e935dc7f86f64ad414aeae3dbcb36a
- https://github.com/gerbv/gerbv/issues/191
Products affected by CVE-2023-4508
-
cpe:2.3:a:gerbv_project:gerbv:2.10.0
-
cpe:2.3:a:gerbv_project:gerbv:2.4.0
-
cpe:2.3:a:gerbv_project:gerbv:2.5.0
-
cpe:2.3:a:gerbv_project:gerbv:2.6.0
-
cpe:2.3:a:gerbv_project:gerbv:2.6.1
-
cpe:2.3:a:gerbv_project:gerbv:2.6.2
-
cpe:2.3:a:gerbv_project:gerbv:2.7.0
-
cpe:2.3:a:gerbv_project:gerbv:2.7.1
-
cpe:2.3:a:gerbv_project:gerbv:2.7.2
-
cpe:2.3:a:gerbv_project:gerbv:2.7.3
-
cpe:2.3:a:gerbv_project:gerbv:2.8.0
-
cpe:2.3:a:gerbv_project:gerbv:2.8.1
-
cpe:2.3:a:gerbv_project:gerbv:2.8.2
-
cpe:2.3:a:gerbv_project:gerbv:2.9.0
-
cpe:2.3:a:gerbv_project:gerbv:2.9.1
-
cpe:2.3:a:gerbv_project:gerbv:2.9.2
-
cpe:2.3:a:gerbv_project:gerbv:2.9.3
-
cpe:2.3:a:gerbv_project:gerbv:2.9.4
-
cpe:2.3:a:gerbv_project:gerbv:2.9.5
-
cpe:2.3:a:gerbv_project:gerbv:2.9.6
-
cpe:2.3:a:gerbv_project:gerbv:2.9.7
-
cpe:2.3:a:gerbv_project:gerbv:2.9.8