CVE-2022-25298
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C
Summary
This affects the package sprinfall/webcc before 0.3.0. It is possible to traverse directories to fetch arbitrary files from the server.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | sprinfall/webcc | unspecified < 0.3.0 | affected |
Weaknesses
- Path Traversal
ADP Enrichment
CVE Program Container
Additional References
- https://snyk.io/vuln/SNYK-UNMANAGED-SPRINFALLWEBCC-2404182
- https://github.com/sprinfall/webcc/commit/55a45fd5039061d5cc62e9f1b9d1f7e97a15143f
References
- https://snyk.io/vuln/SNYK-UNMANAGED-SPRINFALLWEBCC-2404182
- https://github.com/sprinfall/webcc/commit/55a45fd5039061d5cc62e9f1b9d1f7e97a15143f
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.