Exploit Report

Exploit Report

Computer Security And Bug Information

CVE-2023-28428

Last Updated: March 24, 2023
CVECVE-2023-28428
CVE Title
Published Date2023-03-20T15:15Z
Modified Date2023-03-24T18:35Z
CWE TypeCWE-770
CVSS 3.xCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
DescriptionPDFio is a C library for reading and writing PDF files. In versions 1.1.0 and prior, a denial of service vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. This is different from CVE-2023-24808. A patch for this issue is available in version 1.1.1.
References
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://github.com/michaelrsweet/pdfio/security/advisories/GHSA-68x8-9phf-j7jf
Reference DescriptionMISC https://github.com/michaelrsweet/pdfio/security/advisories/GHSA-68x8-9phf-j7jf
Reference URLhttps://github.com/michaelrsweet/pdfio/commit/97d4955666779dc5b0665e15dd951a5c12426a31
Reference DescriptionMISC https://github.com/michaelrsweet/pdfio/commit/97d4955666779dc5b0665e15dd951a5c12426a31
TagsVendor Advisory
Sources NIST MITRE

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles