CVE-2021-42704
Description
Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.326
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-42700,CVE-2021-42702,CVE-2021-42704 are affected in Inkscape (EXE) (x64) 0.91 | Windows |
| Vulnerabilities CVE-2021-42700,CVE-2021-42702,CVE-2021-42704 are affected in Inkscape (EXE) 0.91 | Windows |
| Vulnerabilities CVE-2021-42700,CVE-2021-42702,CVE-2021-42704 are affected in Inkscape (x64) 0.91 | Windows |
| Vulnerabilities CVE-2021-42700,CVE-2021-42702,CVE-2021-42704 are affected in Inkscape 0.91 | Windows |
| inkscape Security Update (ALAS-2023-2043) inkscape-0.92.2-3.amzn2.0.1.x86_64.rpm | Linux |
| inkscape Security Update (ALAS-2023-2043) inkscape-docs-0.92.2-3.amzn2.0.1.x86_64.rpm | Linux |
| inkscape Security Update (ALAS-2023-2043) inkscape-view-0.92.2-3.amzn2.0.1.x86_64.rpm | Linux |
| inkscape Security Update (ALAS2-2023-2043) inkscape-0.92.2-3.amzn2.0.1.x86_64.rpm | Linux |
| inkscape Security Update (ALAS2-2023-2043) inkscape-docs-0.92.2-3.amzn2.0.1.x86_64.rpm | Linux |
| inkscape Security Update (ALAS2-2023-2043) inkscape-view-0.92.2-3.amzn2.0.1.x86_64.rpm | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-334412 | Inkscape (EXE) (x64) (1.3.1) |
| PATCH-334562 | Inkscape (EXE) (1.3.2) |
| PATCH-342179 | Inkscape (x64) (1.4) |
| PATCH-334561 | Inkscape (1.3.2) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234