CVE-2023-22963
MEDIUMPersonnummer < 3.0.3 - Improper Input Validation
Title source: ruleDescription
The personnummer implementation before 3.0.3 for Dart mishandles numbers in which the last four digits match the ^000[0-9]$ regular expression.
Scores
CVSS v3
5.3
EPSS
0.0023
EPSS Percentile
45.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Classification
CWE
CWE-20
Status
published
Affected Products (2)
personnummer/personnummer
< 3.0.3
Pub/personnummer
< 3.0.3Pub
Timeline
Published
Jan 11, 2023
Tracked Since
Feb 18, 2026