Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

catdoc_project

Source -

NVD

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

4
Related CVEsRelated ProductsRelated AssignersReports
4Vulnerabilities found
CVE-2024-52035
Assigner-Talos
ShareView Details
Assigner-Talos
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.51%
||
7 Day CHG+0.01%
Published-02 Jun, 2025 | 15:00
Updated-25 Aug, 2025 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-catdoc_projectcatdoc
Product-catdoccatdoc
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-54028
Assigner-Talos
ShareView Details
Assigner-Talos
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.51%
||
7 Day CHG+0.01%
Published-02 Jun, 2025 | 15:00
Updated-25 Aug, 2025 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-catdoc_projectcatdoc
Product-catdoccatdoc
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2023-41633
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 3.81%
||
7 Day CHG~0.00%
Published-01 Sep, 2023 | 00:00
Updated-01 Oct, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.

Action-Not Available
Vendor-catdoc_projectn/a
Product-catdocn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-31979
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.68%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 00:00
Updated-29 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c.

Action-Not Available
Vendor-catdoc_projectn/a
Product-catdocn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')