Lucene search

@huntrdevCVELIST:CVE-2023-4435

HistoryAug 20, 2023 - 12:00 a.m.

CVE-2023-4435 Improper Input Validation in hamza417/inure

2023-08-2000:00:19

CWE-20

@huntrdev

www.cve.org

cve-2023-4435

github repository

hamza417/inure

improper input validation

prior to build 88

7.7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

20.7%

JSON

Improper Input Validation in GitHub repository hamza417/inure prior to build88.

CNA Affected

[
  {
    "vendor": "hamza417",
    "product": "hamza417/inure",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "build88",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/hamza417/inure/commit/e74062e439f860fd144da4bfc3f35e96c19c3abd

huntr.dev/bounties/1875ee85-4b92-4aa4-861e-094137a29276

7.7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

20.7%

JSON

Related for CVELIST:CVE-2023-4435