Vulnerability Details CVE-2023-49287
TinyDir is a lightweight C directory and file reader. Buffer overflows in the `tinydir_file_open()` function. This vulnerability has been patched in version 1.2.6.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 81.2%
CVSS Severity
CVSS v3 Score 7.7
References
- http://packetstormsecurity.com/files/176060/TinyDir-1.2.5-Buffer-Overflow.html
- http://seclists.org/fulldisclosure/2023/Dec/14
- http://www.openwall.com/lists/oss-security/2023/12/04/1
- https://github.com/cxong/tinydir/releases/tag/1.2.6
- https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf
- http://packetstormsecurity.com/files/176060/TinyDir-1.2.5-Buffer-Overflow.html
- http://seclists.org/fulldisclosure/2023/Dec/14
- http://www.openwall.com/lists/oss-security/2023/12/04/1
- https://github.com/cxong/tinydir/releases/tag/1.2.6
- https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf
Products affected by CVE-2023-49287
-
cpe:2.3:a:cxong:tinydir:-
-
cpe:2.3:a:cxong:tinydir:1.1
-
cpe:2.3:a:cxong:tinydir:1.1.0
-
cpe:2.3:a:cxong:tinydir:1.2
-
cpe:2.3:a:cxong:tinydir:1.2.1
-
cpe:2.3:a:cxong:tinydir:1.2.2
-
cpe:2.3:a:cxong:tinydir:1.2.3
-
cpe:2.3:a:cxong:tinydir:1.2.4
-
cpe:2.3:a:cxong:tinydir:1.2.5