Lucene search
HistoryJun 26, 2023 - 3:15 p.m.
CVE-2023-25307
cve-2023-25307
directory traversal
vulnerability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
27.0%
nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal.
Affected configurations
Node
mrpack-install_projectmrpack-installRange<0.16.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mrpack-install_project | mrpack-install | * | cpe:2.3:a:mrpack-install_project:mrpack-install:*:*:*:*:*:*:*:* |
Related
veracode
veracode
Path Traversal
2023-07-18 06:42:42
cve
cve
CVE-2023-25307
2023-06-26 15:15:09
prion
prion
Directory traversal
2023-06-26 15:15:00
osv
osv
CVE-2023-25307
2023-06-26 15:15:09
mrpack-install vulnerable to path traversal with dependency in github.com/nothub/mrpack-install
2024-08-20 20:26:01
mrpack-install vulnerable to path traversal with dependency
2023-02-08 18:07:16
github
github
mrpack-install vulnerable to path traversal with dependency
2023-02-08 18:07:16
cvelist
cvelist
CVE-2023-25307
2023-06-26 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
27.0%
Related for NVD:CVE-2023-25307