Lucene search
MitreCVE-2023-39136HistoryAug 30, 2023 - 10:15 p.m.
CVE-2023-39136
2023-08-3022:15:08
mitre
web.nvd.nist.gov
22
cve-2023-39136
ziparchive
denial of service
dos
nvd
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
14.2%
An unhandled edge case in the component _sanitizedPath of ZipArchive v2.5.4 allows attackers to cause a Denial of Service (DoS) via a crafted zip file.
Affected configurations
Node
ziparchive_projectziparchiveMatch2.5.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ziparchive_project | ziparchive | 2.5.4 | cpe:2.3:a:ziparchive_project:ziparchive:2.5.4:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2023-39136
2023-08-30 22:15:08
osv
osv
CVE-2023-39136
2023-08-30 22:15:08
cvelist
cvelist
CVE-2023-39136
2023-08-30 00:00:00
prion
prion
Design/Logic Flaw
2023-08-30 22:15:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
14.2%
Related for CVE-2023-39136