CVE-2019-19795

{"id": "CVE-2019-19795", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2019-12-13T22:15:11.437", "references": [{"url": "https://github.com/michaelforney/samurai/issues/29", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file."}, {"lang": "es", "value": "samurai versi\u00f3n 0.7, tiene un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n canonpath en el archivo util.c por medio de un archivo build especialmente dise\u00f1ado."}], "lastModified": "2019-12-17T15:30:49.757", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:samurai_project:samurai:0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "154461A0-FE5B-41BF-B22E-FCE41E3A4827"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}