Lucene search
HistoryOct 30, 2023 - 4:15 a.m.
CVE-2023-44141
inkdrop
v5.6.0
code injection
vulnerability
crafted markdown file
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
21.1%
Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file.
Affected configurations
Node
inkdropinkdropRange<5.6.0
ORinkdropinkdropMatch5.6.0beta0
ORinkdropinkdropMatch5.6.0beta1
ORinkdropinkdropMatch5.6.0beta2
ORinkdropinkdropMatch5.6.0beta3
ORinkdropinkdropMatch5.6.0beta4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| inkdrop | inkdrop | * | cpe:2.3:a:inkdrop:inkdrop:*:*:*:*:*:*:*:* |
| inkdrop | inkdrop | 5.6.0 | cpe:2.3:a:inkdrop:inkdrop:5.6.0:beta0:*:*:*:*:*:* |
| inkdrop | inkdrop | 5.6.0 | cpe:2.3:a:inkdrop:inkdrop:5.6.0:beta1:*:*:*:*:*:* |
| inkdrop | inkdrop | 5.6.0 | cpe:2.3:a:inkdrop:inkdrop:5.6.0:beta2:*:*:*:*:*:* |
| inkdrop | inkdrop | 5.6.0 | cpe:2.3:a:inkdrop:inkdrop:5.6.0:beta3:*:*:*:*:*:* |
| inkdrop | inkdrop | 5.6.0 | cpe:2.3:a:inkdrop:inkdrop:5.6.0:beta4:*:*:*:*:*:* |
Related
cve
cve
CVE-2023-44141
2023-10-30 04:15:10
cvelist
cvelist
CVE-2023-44141
2023-10-30 03:42:18
prion
prion
Code injection
2023-10-30 04:15:00
jvn
jvn
JVN#48057522: Inkdrop vulnerable to code injection
2023-10-30 00:00:00
vulnrichment
vulnrichment
CVE-2023-44141
2023-10-30 03:42:18
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
21.1%
Related for NVD:CVE-2023-44141