How severe is CVE-2023-3098?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2023-3098?

This is classified as CWE-24, which is a common weakness in software security.

CVE-2023-3098

HIGH Year: 2023

CVSS v3 Score

7.8

High

CVSS v2 Score

3.2

Low

Weakness Type

CWE-24

View all →

Vulnerability Description

A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restore_all_sound_file. The manipulation leads to path traversal: '../filedir'. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.2-0kylin6k70-23 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230688. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2014-125033

HIGH

CVSS:7.5(High)

A vulnerability was found in rails-cv-app. It has been rated as problematic. Affected by this issue is some unknown functionality of the file app/controllers/uploaded_files_controller.rb. The manipula...

CWE-242014

CVE-2018-25094

HIGH

CVSS:7.5(High)

A vulnerability was found in ระบบบัญชีออนไลน์ Online Accounting System up to 1.4.0 and classified as problematic. This issue affects some unknown processing of the file ckeditor/filemanager/browser/de...

CWE-242018

CVE-2019-25087

HIGH

CVSS:7.5(High)

A vulnerability was found in RamseyK httpserver. It has been rated as critical. This issue affects the function ResourceHost::getResource of the file src/ResourceHost.cpp of the component URI Handler....

CWE-242019

CVE-2020-9708

HIGH

CVSS:7.5(High)

The resolveRepositoryPath function doesn't properly validate user input and a malicious user may traverse to any valid Git repository outside the repoRoot. This issue may lead to unauthorized access o...

CWE-242020

CVE-2021-29466

HIGH

CVSS:7.5(High)

Discord-Recon is a bot for the Discord chat service. In versions of Discord-Recon 0.0.3 and prior, a remote attacker is able to read local files from the server that can disclose important information...

CWE-242021

CVE-2023-3239

HIGH

CVSS:7.5(High)

A vulnerability, which was classified as problematic, was found in OTCMS up to 6.62. Affected is an unknown function of the file admin/readDeal.php?mudi=readQrCode. The manipulation of the argument im...

CWE-242023

CVE-2023-3098

Vulnerability Description

Related Vulnerabilities

CVE-2014-125033

CVE-2018-25094

CVE-2019-25087

CVE-2020-9708

CVE-2021-29466

CVE-2023-3239