CVE-2023-47113

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-47113

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-47113.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-47113

Aliases

GHSA-j8jc-f6p7-55p8

Published

2023-11-08T21:57:47.549Z

Modified

2025-11-29T14:49:28.890493Z

Severity

7.3 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

DLL Search Order Hijacking vulnerability in BleachBit for Windows

Details

BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.4.2 is vulnerable to a DLL Hijacking vulnerability. By placing a DLL in the Folder c:\DLLs, an attacker can run arbitrary code on every execution of BleachBit for Windows. This issue has been patched in version 4.5.0.

Database specific

{
    "cwe_ids": [
        "CWE-427"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/47xxx/CVE-2023-47113.json"
}

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-47113.json"