CVE-2022-4878 in JATOSالمعلومات

الملخص

بحسب MITRE • 09/01/2023

A vulnerability classified as critical has been found in JATOS. Affected is the function ZipUtil of the file modules/common/app/utils/common/ZipUtil.java of the component ZIP Handler. The manipulation leads to path traversal. Upgrading to version 3.7.5-alpha is able to address this issue. The name of the patch is 2b42519f309d8164e8811392770ce604cdabb5da. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217548.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulDB

حجز

06/01/2023

إفشاء

09/01/2023

الاعتدال

تمت الموافقة

إدخال

VDB-217548

CPE

جاهز

CWE

CWE-22 (مؤكد)

CVSS

5.3 (NVD)

EPSS

0.00282

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-4878
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-4878
CVE Details	https://www.cvedetails.com/cve/CVE-2022-4878/

التالي ▸نظرة عامة ◂ السابق

Do you know our Splunk app?

Download it now for free!