CVE-2023-49287

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 4, 2023

Updated: Dec 13, 2023

CWE ID 121

CWE ID 120

Summary

CVE-2023-49287 is a newly identified vulnerability affecting the TinyDir lightweight C directory and file reader. This issue stems from buffer overflows in the `tinydir_file_open()` function. If exploited, an attacker could potentially execute arbitrary code, leading to significant security risks. The vulnerability has been mitigated by fixing the issue in version 1.2.6 of TinyDir. Users are strongly advised to update to this version to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tjIDwY
https://www.cve.org/CVERecord?id=CVE-2023-49287
https://nvd.nist.gov/vuln/detail/CVE-2023-49287

Back to Vulnerability Database

CVE-2023-49287

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations