CVE-2025-64184
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Dosage is a comic strip downloader and archiver. When downloading comic images in versions 3.1 and below, Dosage constructs target file names from different aspects of the remote comic (page URL, image URL, page content, etc.). While the basename is properly stripped of directory-traversing characters, the file extension is taken from the HTTP Content-Type header. This allows a remote attacker (or a Man-in-the-Middle, if the comic is served over HTTP) to write arbitrary files outside the target directory (if additional conditions are met). This issue is fixed in version 3.2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| webcomics | dosage | < 3.2 | affected |
Weaknesses
- CWE-22: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://github.com/webcomics/dosage/security/advisories/GHSA-4vcx-3pj3-44m7
- https://github.com/webcomics/dosage/commit/336a9684191604bc49eed7296b74bd582151181e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.