CVE-2023-30678

CWE-22 — Path Traversal3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 71.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samsung Calendar

Timeline

PublishedJul 6

Description

Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 2.5 | Impact: 2.5

Affected Packages1 packages

▶NVDsamsung/calendar< 12.4.07.15

🔴Vulnerability Details

GHSA

GHSA-6p4h-xvj3-j477: Potential zip path traversal vulnerability in Calendar application prior to version 12↗2023-07-06

▶

CVEList

CVE-2023-30678: Potential zip path traversal vulnerability in Calendar application prior to version 12↗2023-07-06

▶