Lucene search
GoogleOSV:CVE-2023-39136HistoryAug 30, 2023 - 10:15 p.m.
CVE-2023-39136
2023-08-3022:15:08
Google
osv.dev
6
ziparchive
denial of service
unsanitized path
cve-2023-39136
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
14.2%
An unhandled edge case in the component _sanitizedPath of ZipArchive v2.5.4 allows attackers to cause a Denial of Service (DoS) via a crafted zip file.
Related
nvd
nvd
CVE-2023-39136
2023-08-30 22:15:08
cvelist
cvelist
CVE-2023-39136
2023-08-30 00:00:00
prion
prion
Design/Logic Flaw
2023-08-30 22:15:00
cve
cve
CVE-2023-39136
2023-08-30 22:15:08
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
14.2%
Related for OSV:CVE-2023-39136