CVE-2023-44709

Name of the Vulnerable Software and Affected Versions PlutoSVG versions prior to commit 336c02997277a1888e6ccbbbe674551a0582e5c4

Description The issue is related to an integer overflow in the plutosvg load from memory component. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations For versions prior to commit 336c02997277a1888e6ccbbbe674551a0582e5c4, update to a version after commit 336c02997277a1888e6ccbbbe674551a0582e5c4 to resolve the issue. As a temporary workaround, consider restricting the use of the plutosvg load from memory component until a patch is available.