{"id":"CVE-2022-23318","details":"A heap-buffer-overflow in pcf2bdf, versions \u003e= 1.05 allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact.","modified":"2026-04-10T04:44:57.360565Z","published":"2022-02-17T13:15:07.813Z","references":[{"type":"ADVISORY","url":"https://github.com/ganaware/pcf2bdf"},{"type":"FIX","url":"https://github.com/ganaware/pcf2bdf/issues/4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ganaware/pcf2bdf","events":[{"introduced":"0"},{"last_affected":"e6dea1c77e2b14d86fe2e7082a545ded868316d6"},{"introduced":"0"},{"last_affected":"fbc3c0a8231f70c263af9362c8bd75d463c36f44"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.04"},{"introduced":"0"},{"last_affected":"1.05"}]}}],"versions":["1.04","1.05"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23318.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}]}