Lucene search
HistoryMar 15, 2023 - 8:15 p.m.
CVE-2023-25345
directory traversal
swig-templates
swig
arbitrary files
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.5
Confidence
High
EPSS
0.002
Percentile
54.5%
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags.
Affected configurations
Node
swig-templates_projectswig-templatesRange≤2.0.4
ORswig_projectswigRange≤1.4.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| swig-templates_project | swig-templates | * | cpe:2.3:a:swig-templates_project:swig-templates:*:*:*:*:*:*:*:* |
| swig_project | swig | * | cpe:2.3:a:swig_project:swig:*:*:*:*:*:*:*:* |
Related
veracode
veracode
Path Traversal
2023-03-17 01:45:46
cvelist
cvelist
CVE-2023-25345
2023-03-15 00:00:00
cve
cve
CVE-2023-25345
2023-03-15 20:15:10
osv
osv
Arbitrary local file read vulnerability during template rendering
2023-03-15 21:30:25
CVE-2023-25345
2023-03-15 20:15:10
prion
prion
Directory traversal
2023-03-15 20:15:00
github
github
Arbitrary local file read vulnerability during template rendering
2023-03-15 21:30:25
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.5
Confidence
High
EPSS
0.002
Percentile
54.5%
Related for NVD:CVE-2023-25345