CVE-2023-40036
CVSS V2 None
CVSS V3 None
Description
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `CharDistributionAnalysis::HandleOneChar`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.
Overview
- CVE ID
- CVE-2023-40036
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-08-25T19:58:33.936Z
- Last Modified Date
- 2023-08-25T20:18:01.997Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/ | x_refsource_CONFIRM |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-40036 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40036 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 02:39:00 | Added to TrackCVE |