Zurück zur CVE-Übersicht
CVE-2024-22050
HIGH(7.5)CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Risk Signal Score19/100 — NIEDRIG
- CVSS 7.5 — Hoch
EPSS-Score
1%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7.5
Technische Schwere
Beschreibung
Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs.
Referenzen
- https://github.com/advisories/GHSA-85rf-xh54-whp3
- https://github.com/boazsegev/iodine/commit/5558233fb7defda706b4f9c87c17759705949...
- https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3
- https://vulncheck.com/advisories/vc-advisory-GHSA-85rf-xh54-whp3
- https://github.com/advisories/GHSA-85rf-xh54-whp3
- https://github.com/boazsegev/iodine/commit/5558233fb7defda706b4f9c87c17759705949...
- https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3
- https://vulncheck.com/advisories/vc-advisory-GHSA-85rf-xh54-whp3