Lucene search

[email protected]NVD:CVE-2023-30259

HistoryJun 28, 2023 - 2:15 p.m.

CVE-2023-30259

2023-06-2814:15:09

CWE-125

[email protected]

web.nvd.nist.gov

buffer overflow

librecad

importshp plugin

cve-2023-30259

sensitive information

crafted dbf file

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

28.7%

JSON

A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file.

Affected configurations

Nvd

Node

librecadlibrecadMatch2.2.0-

VendorProductVersionCPE
librecadlibrecad2.2.0cpe:2.3:a:librecad:librecad:2.2.0:-:*:*:*:*:*:*

Vendor	Product	Version	CPE
librecad	librecad	2.2.0	cpe:2.3:a:librecad:librecad:2.2.0:-::::::

References

github.com/LibreCAD/LibreCAD/issues/1481

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

28.7%

JSON

Related for NVD:CVE-2023-30259

freebsd1 cvelist1 ubuntucve1 debiancve1 osv1 nessus1 prion1 veracode1 cve1