CVE-2023-40164

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-40164

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-40164.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-40164

Published

2023-08-25T21:15:08Z

Modified

2025-01-14T11:54:43.194767Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in nsCodingStateMachine::NextStater. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.

References

https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/

Affected packages

Git / github.com/notepad-plus-plus/notepad-plus-plus

Affected ranges

Type: GIT
Repo: https://github.com/notepad-plus-plus/notepad-plus-plus
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e39deab7782a89990ac5d3b35f910a33949ea740

Affected versions

7.*

7.2.2

7.3.1

Other

patch-1_#167

patch-2_#268

patch-3_#283

v5.*

v5.4.2

v5.4.3

v5.4.4

v5.4.5

v5.5

v5.5.1

v5.6

v5.6.1

v5.6.2

v5.6.3

v5.6.4

v5.6.5

v5.6.6

v5.6.7

v5.6.8

v5.7

v5.8

v5.8.1

v5.8.2

v5.8.3

v5.8.4

v5.8.5

v5.8.6

v5.8.7

v5.9

v5.9.1

v5.9.2

v5.9.3

v5.9.4

v5.9.5

v5.9.6

v5.9.6.1

v5.9.6.2

v5.9.7

v5.9.8

v6.*

v6.1

v6.1.1

v6.1.2

v6.1.3

v6.1.4

v6.1.5

v6.1.6

v6.1.7

v6.1.8

v6.2

v6.2.1

v6.2.2

v6.2.3_-_End_of_World_Edition

v6.3

v6.3.1

v6.3.2

v6.3.3

v6.4

v6.4.1

v6.4.2

v6.4.3

v6.4.4

v6.4.5

v6.5

v6.5.1

v6.5.2

v6.5.3

v6.5.4

v6.5.5

v6.6

v6.6.1

v6.6.2

v6.6.3

v6.6.4

v6.6.6_-_Friday_the_13th_edition

v6.6.7

v6.6.8

v6.6.9

v6.7

v6.7.1

v6.7.2

v6.7.3

v6.7.4_-_Je_suis_Charlie_edition

v6.7.5

v6.7.6

v6.7.7

v6.7.8

v6.7.8.1

v6.7.8.2

v6.7.9

v6.7.9.1

v6.7.9.2

v6.8

v6.8.1

v6.8.2

v6.8.3

v6.8.4

v6.8.5

v6.8.6

v6.8.7

v6.8.8

v6.8.9

v6.9

v6.9.1

v6.9.2

v7.*

v7.1

v7.2

v7.2.1

v7.2.2

v7.3

v7.3.1

v7.3.2

v7.3.3

v7.4

v7.4.1

v7.4.2

v7.5

v7.5.1

v7.5.2

v7.5.3

v7.5.4

v7.5.5

v7.5.6

v7.5.7

v7.5.8

v7.5.9

v7.6

v7.6.1

v7.6.2

v7.6.3

v7.6.4

v7.6.5

v7.6.6

v7.7

v7.7.1

v7.8

v7.8.1

v7.8.2

v7.8.3

v7.8.4

v7.8.5

v7.8.6

v7.8.7

v7.8.8

v7.8.9

v7.9

v7.9.1

v7.9.2

v7.9.3

v7.9.4

v7.9.5

v8.*

v8.1

v8.1.1

v8.1.2

v8.1.3

v8.1.4

v8.1.5

v8.1.6

v8.1.7

v8.1.8

v8.1.9

v8.1.9.1

v8.1.9.2

v8.1.9.3

v8.2

v8.2.1

v8.3

v8.3.1

v8.3.2

v8.3.3

v8.4

v8.4.1

v8.4.2

v8.4.3

v8.4.4

v8.4.5

v8.4.6

v8.4.7

v8.4.8

v8.4.9

v8.5

v8.5.1

v8.5.2

v8.5.3

v8.5.4

v8.5.5

v8.5.6