What is CVE-2022-43650?

CVE-2022-43650 is a low-severity vulnerability in Rarlab Winrar, classified under Out-of-bounds Read. CVSS score: 2.5/10. Published 2023-03-29.

How severe is CVE-2022-43650?

Low severity. CVSS v3 base score is 2.5 out of 10.

Out-of-bounds Read in Rarlab Winrar

CVE-2022-43650

This vulnerability allows remote attackers to disclose sensitive information on affected installations of RARLAB WinRAR 6.11.0.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or…

Vulnerability class: Buffer Overflow

EPSS: 0.018 (83.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.5 (Low). Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N.

Affected products

Rarlab Winrar — versions 6.11.0.0

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

www.zerodayinitiative.com/advisories/ZDI-23-092/
www.win-rar.com/singlenewsview.html

Frequently asked questions

What is CVE-2022-43650?: CVE-2022-43650 is a low-severity vulnerability in Rarlab Winrar, classified under Out-of-bounds Read. CVSS score: 2.5/10. Published 2023-03-29.
How severe is CVE-2022-43650?: Low severity. CVSS v3 base score is 2.5 out of 10.