CVE-2023-40889

A heap-based buffer overflow exists in the qr_reader_match_centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be physically scanned by the vulnerable scanner. (CVSS:9.8) (EPSS:0.12%) (Last Update:2023-08-31 18:35:27)    Latest security vulnerabilities (Gain Information) (CVSS score >= 4) 

More To Explore