Lucene search
HistoryMay 28, 2023 - 11:15 p.m.
CVE-2023-31873
cve-2023-31873
gin 0.7.4
arbitrary code execution
crafted file
security vulnerability
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
21.3%
Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require(‘child_process’).
Affected configurations
Node
gin_projectginMatch0.7.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| gin_project:gin | gin project gin | eq | 0.7.4 |
Related
nvd
nvd
CVE-2023-31873
2023-05-28 23:15:09
packetstorm
packetstorm
Gin Markdown Editor 0.7.4 Arbitrary Code Execution
2023-05-24 00:00:00
zdt
zdt
prion
prion
Security feature bypass
2023-05-28 23:15:00
cvelist
cvelist
CVE-2023-31873
2023-05-28 00:00:00
exploitdb
exploitdb
Gin Markdown Editor v0.7.4 (Electron) - Arbitrary Code Execution
2023-05-23 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
21.3%
Related for CVE-2023-31873