Lucene search
MitreCVE-2023-43620HistorySep 20, 2023 - 6:15 a.m.
CVE-2023-43620
2023-09-2006:15:10
CWE-116
mitre
web.nvd.nist.gov
26
croc
cve-2023-43620
security
vulnerability
nvd
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
19.7%
An issue was discovered in Croc through 9.6.5. A sender may place ANSI or CSI escape sequences in a filename to attack the terminal device of a receiver.
Affected configurations
Node
schollzcrocRange≤9.6.5
Related
alpinelinux
alpinelinux
CVE-2023-43620
2023-09-20 06:15:10
cvelist
cvelist
CVE-2023-43620
2023-09-20 00:00:00
vulnrichment
vulnrichment
CVE-2023-43620
2023-09-20 00:00:00
github
github
nvd
nvd
CVE-2023-43620
2023-09-20 06:15:10
osv
osv
Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device in github.com/schollz/croc
2024-08-21 14:30:18
CVE-2023-43620
2023-09-20 06:15:10
CGA-xj3j-mpx5-5qc8
2024-06-06 12:26:35
wolfi
wolfi
CVE-2023-43620 vulnerabilities
2024-09-30 09:32:54
prion
prion
Design/Logic Flaw
2023-09-20 06:15:00
veracode
veracode
Improper Neutralization Of Filename Or Path
2023-09-29 09:30:19
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
19.7%
Related for CVE-2023-43620