Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-22898

workers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 allows a denial of service when an attacker submits a deeply nested ZIP archive (aka ZIP bomb).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.6%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2023-22898
  • Circl » Pandora » Version: 0.7
    cpe:2.3:a:circl:pandora:0.7
  • Circl » Pandora » Version: 0.8
    cpe:2.3:a:circl:pandora:0.8
  • Circl » Pandora » Version: 0.8.1
    cpe:2.3:a:circl:pandora:0.8.1
  • Circl » Pandora » Version: 1.0.0
    cpe:2.3:a:circl:pandora:1.0.0
  • Circl » Pandora » Version: 1.0.1
    cpe:2.3:a:circl:pandora:1.0.1
  • Circl » Pandora » Version: 1.1.0
    cpe:2.3:a:circl:pandora:1.1.0
  • Circl » Pandora » Version: 1.2.0
    cpe:2.3:a:circl:pandora:1.2.0
  • Circl » Pandora » Version: 1.3.0
    cpe:2.3:a:circl:pandora:1.3.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved