{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-46652", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-10-24T19:23:47.167Z", "dateReserved": "2025-04-26T00:00:00.000Z", "datePublished": "2025-04-26T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "IZArc", "vendor": "IZArc", "versions": [{"lessThanOrEqual": "4.5", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an extraction from an archive file that bears Mark-of-the-Web, Mark-of-the-Web is not propagated to the extracted files. NOTE: this is disputed because Mark-of-the-Web propagation can increase risk via security-warning habituation, and because the intended control sphere for file-origin metadata (e.g., HostUrl in Zone.Identifier) may be narrower than that for reading the file's content."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-830", "description": "CWE-830 Inclusion of Web Functionality from an Untrusted Source", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-10-24T19:23:47.167Z"}, "references": [{"url": "https://github.com/EnisAksu/Argonis/blob/main/CVEs/IZArc/IZArc%20Mark-of-the-Web%20Bypass%20Vulnerability.md"}, {"url": "https://github.com/EnisAksu/Argonis/security/advisories/GHSA-637g-8v47-79mv"}, {"url": "https://www.izarc.org/news"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:izarc:izarc:*:*:*:*:*:*:*:*", "versionEndIncluding": "4.5"}]}]}], "tags": ["disputed"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-28T15:52:52.089074Z", "id": "CVE-2025-46652", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-28T15:52:58.382Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-46652", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-28T15:52:52.089074Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-28T15:52:55.578Z"}}], "cna": {"tags": ["disputed"], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "IZArc", "product": "IZArc", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "4.5"}], "defaultStatus": "unknown"}], "references": [{"url": "https://github.com/EnisAksu/Argonis/blob/main/CVEs/IZArc/IZArc%20Mark-of-the-Web%20Bypass%20Vulnerability.md"}, {"url": "https://github.com/EnisAksu/Argonis/security/advisories/GHSA-637g-8v47-79mv"}, {"url": "https://www.izarc.org/news"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an extraction from an archive file that bears Mark-of-the-Web, Mark-of-the-Web is not propagated to the extracted files. NOTE: this is disputed because Mark-of-the-Web propagation can increase risk via security-warning habituation, and because the intended control sphere for file-origin metadata (e.g., HostUrl in Zone.Identifier) may be narrower than that for reading the file's content."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-830", "description": "CWE-830 Inclusion of Web Functionality from an Untrusted Source"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:izarc:izarc:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "4.5"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-10-24T19:23:47.167Z"}}}, "cveMetadata": {"cveId": "CVE-2025-46652", "state": "PUBLISHED", "dateUpdated": "2025-10-24T19:23:47.167Z", "dateReserved": "2025-04-26T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-04-26T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an extraction from an archive file that bears Mark-of-the-Web, Mark-of-the-Web is not propagated to the extracted files. NOTE: this is disputed because Mark-of-the-Web propagation can increase risk via security-warning habituation, and because the intended control sphere for file-origin metadata (e.g., HostUrl in Zone.Identifier) may be narrower than that for reading the file's content."}, {"lang": "es", "value": "En IZArc hasta la versi\u00f3n 4.5, existe una vulnerabilidad de omisi\u00f3n de la marca de la web. Cuando un usuario realiza una extracci\u00f3n de un archivo comprimido con la marca de la web, esta no se propaga a los archivos extra\u00eddos."}], "id": "CVE-2025-46652", "lastModified": "2025-10-24T20:16:19.923", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2025-04-26T18:15:31.297", "references": [{"source": "cve@mitre.org", "url": "https://github.com/EnisAksu/Argonis/blob/main/CVEs/IZArc/IZArc%20Mark-of-the-Web%20Bypass%20Vulnerability.md"}, {"source": "cve@mitre.org", "url": "https://github.com/EnisAksu/Argonis/security/advisories/GHSA-637g-8v47-79mv"}, {"source": "cve@mitre.org", "url": "https://www.izarc.org/news"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-830"}], "source": "cve@mitre.org", "type": "Secondary"}]}

{}

{"created": "2025-06-23T19:31:58.832021+00:00", "updated": "2025-06-23T19:31:58.832087+00:00", "vendors": ["izarc", "izarc$PRODUCT$izarc"]}