CVE-2023-22846 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-22846 PUBLISHED CVSS 5.5 MEDIUM

Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.

EPSS 0.04% · 11.1th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS Score

0.04%

11.1th percentile

Affected Products

Vendor	Product	Versions
datakit	crosscadware	0, 0
Datakit	CrossCAD/Ware_x64 library 0	0

Timeline

Feb 14, 2023 CVE Published
Apr 21, 2023 EPSS Score
May 28, 2023 EPSS Score
Jul 4, 2023 EPSS Score
Aug 9, 2023 EPSS Score
Sep 15, 2023 EPSS Score
Oct 22, 2023 EPSS Score
Nov 28, 2023 EPSS Score
Jan 4, 2024 EPSS Score
Feb 10, 2024 EPSS Score
Mar 17, 2024 EPSS Score
Apr 23, 2024 EPSS Score

References

Open in Interactive Console →