CVE-2023-3091

HIGH

Captura <8.0.0 - Uncontrolled Search Path

Title source: llm

Description

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Captura up to 8.0.0. It has been declared as critical. This vulnerability affects unknown code in the library CRYPTBASE.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation appears to be difficult. The identifier of this vulnerability is VDB-230668. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

References (2)

[Permissions Required, Third Party Advisory] https://vuldb.com/?ctiid.230668

[Permissions Required, Third Party Advisory] https://vuldb.com/?id.230668

Scores

CVSS v3 7.0

EPSS 0.0003

EPSS Percentile 9.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (1)

captura_project/captura < 8.0.0

Timeline

Published Jun 04, 2023

Tracked Since Feb 18, 2026