PT-2023-25522 · Zplgfa · Zplgfa

Published: 2023-09-04 · Updated: 2024-08-02 · CVE-2023-36307

CVSS v3.1: 5.5 Medium
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: ZPLGFA version 1.1.1

Description: The issue allows attackers to cause a panic due to an integer index out of range during a ConvertToGraphicField call via an image of zero width. It is unclear whether there are common use cases in which this panic could have any security consequence.

Recommendations: For ZPLGFA version 1.1.1, consider avoiding the use of images with zero width to prevent the panic, as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.
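
The workaround above can be enforced at the call site by rejecting empty images before they reach the converter, with a recover as a second layer. This is an added example, not code from the advisory or from the ZPLGFA project; SafeConvert, convertFunc and fragileConvert are hypothetical names, and fragileConvert is a constructed stand-in for the library call so the block runs without the dependency. It goes slightly beyond the advisory by also rejecting zero height.

```go
package main

import (
	"errors"
	"fmt"
	"image"
)

// ErrEmptyImage is returned for images with no pixels in one dimension.
var ErrEmptyImage = errors.New("image has zero width or height")

// convertFunc is a hypothetical adapter type: wrap the real conversion call
// (for example a closure around ConvertToGraphicField) in a func of this shape.
type convertFunc func(img image.Image) string

// SafeConvert validates dimensions before conversion and turns any panic
// raised inside convert into an ordinary error instead of crashing the process.
func SafeConvert(img image.Image, convert convertFunc) (out string, err error) {
	if img == nil {
		return "", ErrEmptyImage
	}
	b := img.Bounds()
	if b.Dx() <= 0 || b.Dy() <= 0 {
		return "", fmt.Errorf("%w: %dx%d", ErrEmptyImage, b.Dx(), b.Dy())
	}
	defer func() {
		if r := recover(); r != nil {
			out, err = "", fmt.Errorf("conversion panicked: %v", r)
		}
	}()
	return convert(img), nil
}

// fragileConvert is a constructed stand-in, not the library's code: it indexes
// a per-row bit buffer without checking that the row has any bytes.
func fragileConvert(img image.Image) string {
	b := img.Bounds()
	row := make([]byte, (b.Dx()+7)/8)
	row[len(row)-1] |= 0x80 // index out of range when width is 0
	return fmt.Sprintf("^GFA,%d", len(row)*b.Dy())
}

func main() {
	for _, r := range []image.Rectangle{image.Rect(0, 0, 8, 4), image.Rect(0, 0, 0, 4)} {
		out, err := SafeConvert(image.NewGray(r), fragileConvert)
		fmt.Printf("%v -> %q, err=%v\n", r.Size(), out, err)
	}
}
```
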

Weakness Enumeration: Improper Validation of Array Index

Related Identifiers: CVE-2023-36307, GHSA-XGMM-3VVR-6C8J

Affected Products: Zplgfa