CVE-2023-38633

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3", "name": "https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3", "tags": ["Release Notes"], "refsource": "CONFIRM"}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1213502", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1213502", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://gitlab.gnome.org/GNOME/librsvg/-/issues/996", "name": "https://gitlab.gnome.org/GNOME/librsvg/-/issues/996", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.openwall.com/lists/oss-security/2023/07/27/1", "name": "[oss-security] 20230727 CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/43", "name": "20230724 APPLE-SA-2023-07-24-1 Safari 16.6", "tags": ["Mailing List", "Not Applicable", "Third Party Advisory"], "refsource": "FULLDISC"}, {"url": "https://www.debian.org/security/2023/dsa-5484", "name": "DSA-5484", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "https://security.netapp.com/advisory/ntap-20230831-0011/", "name": "https://security.netapp.com/advisory/ntap-20230831-0011/", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/06/10", "name": "[oss-security] 20230906 Re: CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters", "tags": ["Mailing List"], "refsource": "MLIST"}, {"url": "https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/", "name": "https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://news.ycombinator.com/item?id=37415799", "name": "https://news.ycombinator.com/item?id=37415799", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5BCXT5GW6RCL45ZUHUZR4CJG2BAFDVC/", "name": "FEDORA-2023-fc79ee273d", "tags": ["Third Party Advisory"], "refsource": ""}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626/", "name": "FEDORA-2023-0873c38acd", "tags": ["Third Party Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=\".?../../../../../../../../../../etc/passwd\" in an xi:include element."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-22"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-38633", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2023-07-22T17:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.48.11", "versionStartIncluding": "2.48.0"}, {"cpe23Uri": "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.50.8", "versionStartIncluding": "2.50.0"}, {"cpe23Uri": "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.52.10", "versionStartIncluding": "2.52.0"}, {"cpe23Uri": "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.54.6", "versionStartIncluding": "2.54.0"}, {"cpe23Uri": "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.55.3", "versionStartIncluding": "2.55.0"}, {"cpe23Uri": "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.56.3", "versionStartIncluding": "2.56.0"}, {"cpe23Uri": "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.46.6", "versionStartIncluding": "2.42.3"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-01-24T16:41Z"}