Lucene search

[email protected]NVD:CVE-2022-42725

HistoryOct 10, 2022 - 5:15 a.m.

CVE-2022-42725

2022-10-1005:15:09

CWE-59

[email protected]

web.nvd.nist.gov

warpinator

directory traversal

vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

56.4%

JSON

Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links.

Affected configurations

Nvd

Node

linuxmintwarpinatorRange≤1.2.14

VendorProductVersionCPE
linuxmintwarpinator*cpe:2.3:a:linuxmint:warpinator:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linuxmint	warpinator	*	cpe:2.3:a:linuxmint:warpinator::::::::

References

www.openwall.com/lists/oss-security/2022/10/24/1

www.openwall.com/lists/oss-security/2023/04/26/1

github.com/linuxmint/warpinator/commit/5244c33d4c109ede9607b9d94461650410e2cddc

github.com/linuxmint/warpinator/commit/8bfd2f8b3f1b0c0f0a5a6d275702d107b9e08a94

github.com/linuxmint/warpinator/commit/95124fd4468683dd69ddd7b3da0e9906ce6beae2

github.com/linuxmint/warpinator/commit/f4907ef6a17a189d56ab0a9da4b53190b061ad75

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

56.4%

JSON

Related for NVD:CVE-2022-42725

prion1 osv1 cvelist1 cve1