4 matches found
CVE-2023-39342
Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs. The Dangerzone CLI dangerzone-cli command logs output from the container where the file sanitization takes place, to the user's terminal. Prior to version 0.4.2, if the container is...
CVE-2023-39342 Dangerzone CLI does not sanitize ANSI escape characters
Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs. The Dangerzone CLI dangerzone-cli command logs output from the container where the file sanitization takes place, to the user's terminal. Prior to version 0.4.2, if the container is...
CVE-2023-39342 Dangerzone CLI does not sanitize ANSI escape characters
Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs. The Dangerzone CLI dangerzone-cli command logs output from the container where the file sanitization takes place, to the user's terminal. Prior to version 0.4.2, if the container is...
CVE-2023-39342
CVE-2023-39342 affects Dangerzone CLI (dangerzone-cli) prior to 0.4.2. The issue arises because the CLI logs container-output from the sanitization process to the user’s terminal and also logs file names; if the container is compromised, an attacker could return attacker-controlled strings to spo...