CVE-2023-40031

CVSS V2 None CVSS V3 None

Description

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in `Utf8_16_Read::convert`. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++.

Overview

CVE ID
CVE-2023-40031

Assigner
GitHub_M

Vulnerability Status
PUBLISHED

Published Version
2023-08-25T19:49:23.433Z

Last Modified Date
2023-08-25T20:18:23.949Z

Weakness Enumerations

CWE	URL
CWE-120	http://cwe.mitre.org/data/definitions/120.html
CWE-122	http://cwe.mitre.org/data/definitions/122.html

References

Reference URL	Reference Tags
https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/	x_refsource_CONFIRM

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-40031
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40031

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 02:11:17				Added to TrackCVE