{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-27T19:49:17.515","vulnerabilities":[{"cve":{"id":"CVE-2025-42971","sourceIdentifier":"cna@sap.com","published":"2025-07-08T01:15:24.463","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by SAPCAR on their system, resulting in out-of-bounds memory read and write. This could lead to file extraction and file overwrite outside the intended directories. This vulnerability has low impact on the confidentiality, integrity and availability of the application."},{"lang":"es","value":"Existe una vulnerabilidad de corrupción de memoria en SAPCAR que permite a un atacante manipular archivos maliciosos. Cuando una víctima con privilegios elevados extrae este archivo malicioso, SAPCAR lo procesa en su sistema, lo que provoca lecturas y escrituras de memoria fuera de los límites permitidos. Esto podría provocar la extracción y sobrescritura de archivos fuera de los directorios previstos. Esta vulnerabilidad tiene un impacto bajo en la confidencialidad, integridad y disponibilidad de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cna@sap.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":0.6,"impactScore":3.4}]},"weaknesses":[{"source":"cna@sap.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"references":[{"url":"https://me.sap.com/notes/3595141","source":"cna@sap.com"},{"url":"https://url.sap/sapsecuritypatchday","source":"cna@sap.com"}]}}]}