Lucene search
MitreCVE-2023-43616HistorySep 20, 2023 - 6:15 a.m.
CVE-2023-43616
2023-09-2006:15:10
CWE-22
mitre
web.nvd.nist.gov
25
croc
zip extraction
security vulnerability
cve-2023-43616
nvd
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
31.7%
An issue was discovered in Croc through 9.6.5. A sender can cause a receiver to overwrite files during ZIP extraction.
Affected configurations
Node
schollzcrocRange≤9.6.5
Related
prion
prion
Code injection
2023-09-20 06:15:00
osv
osv
CVE-2023-43616
2023-09-20 06:15:10
Sender can cause a receiver to overwrite files during ZIP extraction in Croc in github.com/schollz/croc
2024-08-21 14:30:18
Sender can cause a receiver to overwrite files during ZIP extraction in Croc
2023-09-20 06:30:50
github
github
Sender can cause a receiver to overwrite files during ZIP extraction in Croc
2023-09-20 06:30:50
alpinelinux
alpinelinux
CVE-2023-43616
2023-09-20 06:15:10
cvelist
cvelist
CVE-2023-43616
2023-09-20 00:00:00
veracode
veracode
Arbitrary File Overwrite
2023-09-29 08:48:13
nvd
nvd
CVE-2023-43616
2023-09-20 06:15:10
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
31.7%
Related for CVE-2023-43616