{"id":"CVE-2022-23318","details":"A heap-buffer-overflow in pcf2bdf, versions \u003e= 1.05 allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact.","modified":"2026-05-18T05:53:19.413780378Z","published":"2022-02-17T12:44:33Z","database_specific":{"cna_assigner":"mitre","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/23xxx/CVE-2022-23318.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/23xxx/CVE-2022-23318.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23318"},{"type":"REPORT","url":"https://github.com/ganaware/pcf2bdf/issues/4"},{"type":"PACKAGE","url":"https://github.com/ganaware/pcf2bdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ganaware/pcf2bdf","events":[{"introduced":"0"},{"last_affected":"e6dea1c77e2b14d86fe2e7082a545ded868316d6"},{"last_affected":"fbc3c0a8231f70c263af9362c8bd75d463c36f44"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"1.04"},{"last_affected":"1.05"}],"source":"CPE_FIELD","cpe":["cpe:2.3:a:pcf2bdf_project:pcf2bdf:1.04:*:*:*:*:*:*:*","cpe:2.3:a:pcf2bdf_project:pcf2bdf:1.05:*:*:*:*:*:*:*"]}}],"versions":["1.05","1.04"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-23318.json"}}],"schema_version":"1.7.5"}