CVE-2023-36307

ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

CVE-2023-36307

ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

ZPLGFA Input Validation Error Vulnerability

ZPLGFA is a Go package from Simon Waldherr's personal developer. It is used to convert PNG, JPEG and GIF encoded graphic files into ZPL compatible ^GF elements graphic fields. A security vulnerability exists in ZPLGFA version 1.1.1, which stems from allowing an attacker to cause a panic with a...

CVE-2023-36307

CVE-2023-36307 affects ZPLGFA 1.1.1. The root cause is an integer index out of range in ConvertToGraphicField when processing a zero-width image, causing a panic/crash. The description notes unclear security consequences in typical use. Remediation hints from PT-2023-25522 suggest avoiding zero-w...

PT-2023-25522 · Zplgfa · Zplgfa

Name of the Vulnerable Software and Affected Versions: ZPLGFA version 1.1.1 Description: The issue allows attackers to cause a panic due to an integer index out of range during a ConvertToGraphicField call via an image of zero width. It is unclear whether there are common use cases in which this...