How severe is CVE-2023-52169?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.2 out of 10.

What type of vulnerability is CVE-2023-52169?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2023-52169 - HIGH Severity | CVSS 8.2

Vulnerability Description

The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image. This has security relevance in some known web-service use cases where untrusted users can upload files and have them extracted by a server-side 7-Zip process.

Related Vulnerabilities

CVE-2015-8397

HIGH

CVSS:8.2(High)

The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process...

CWE-1252015

CVE-2016-9050

HIGH

CVSS:8.2(High)

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read res...

CWE-1252016

CVE-2017-14457

HIGH

CVSS:8.2(High)

An exploitable information leak/denial of service vulnerability exists in the libevm (Ethereum Virtual Machine) `create2` opcode handler of CPP-Ethereum. A specially crafted smart contract code can ca...

CWE-1252017

CVE-2017-2895

HIGH

CVSS:8.2(High)

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-boun...

CWE-1252017

CVE-2017-7813

HIGH

CVSS:8.2(High)

Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limi...

CWE-1252017

CVE-2019-14491

HIGH

CVSS:8.2(High)

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, wh...

CWE-1252019