CVE-2023-34095 – cpdb-libs vulnerable to buffer overflows via scanf

https://notcve.org/view.php?id=CVE-2023-34095

14 Jun 2023 — cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends (CPDB) project. In versions 1.0 through 2.0b4, cpdb-libs is vulnerable to buffer overflows via improper use of `scanf(3)`. cpdb-libs uses the `fscanf()` and `scanf()` functions to parse command lines and configuration files, dropping the read string components into fixed-length buffers, but does not limit the length of the strings to be read by `fscanf()` and `scanf()` causing buffer overflows when a string is longer t... • http://www.openwall.com/lists/oss-security/2023/06/14/7 • CWE-121: Stack-based Buffer Overflow •