{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T02:27:16.654","vulnerabilities":[{"cve":{"id":"CVE-2025-42970","sourceIdentifier":"cna@sap.com","published":"2025-07-08T01:15:24.290","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an attacker could craft a malicious SAPCAR archive containing directory traversal sequences. When a high privileged victim extracts this malicious archive, it is then processed by SAPCAR on their system, causing files to be extracted outside the intended directory and overwriting files in arbitrary locations. This vulnerability has a high impact on the integrity and availability of the application with no impact on confidentiality."},{"lang":"es","value":"SAPCAR depura incorrectamente las rutas de archivo al extraer archivos SAPCAR. Debido a esto, un atacante podría manipular un archivo SAPCAR malicioso que contenga secuencias de Directory Traversal. Cuando una víctima con privilegios elevados extrae este archivo malicioso, SAPCAR lo procesa en su sistema, lo que provoca la extracción de archivos fuera del directorio previsto y la sobrescritura de archivos en ubicaciones arbitrarias. Esta vulnerabilidad tiene un alto impacto en la integridad y disponibilidad de la aplicación, sin afectar la confidencialidad."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.6,"impactScore":5.2}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://me.sap.com/notes/3595156","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}