2 matches found
CVE-2023-37417
Multiple out-of-bounds write vulnerabilities exist in the VCD parsevaluechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns t...
CVE-2023-37417
CVE-2023-37417 affects GTKWave (vcd parse_valuechange in the GUI) with multiple out-of-bounds writes in version 3.3.115, allowing arbitrary code execution when a malicious .vcd file is opened. Debian and Debian LTS advisories (DSA-5653/ DLA-3785) indicate fixes in GTKWAVE to newer upstream versio...