The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer.

Related CVEs

CVE-2023-31244

Key Information

GHSA ID

GHSA-fxv6-7296-f59v

Published

June 6, 2023 6:30 PM

Last Modified

April 4, 2024 4:36 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 1, 2025 6:44 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.