CVE-2023-43616

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 20, 2023

Updated: Feb 1, 2024

CWE ID 22

Summary

CVE-2023-43616 is a vulnerability affecting Croc versions up to 9.6.5. This issue permits a sender to trigger file overwriting during ZIP extraction, posing a risk for data loss or unauthorized file modification on the receiver's end. An attacker could exploit this vulnerability by crafting a malicious ZIP file, leading to potential security consequences. Users are advised to update their Croc software to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/svJkTa
https://www.cve.org/CVERecord?id=CVE-2023-43616
https://nvd.nist.gov/vuln/detail/CVE-2023-43616

Back to Vulnerability Database

CVE-2023-43616

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations