CVE-2022-25358 in awful-salmonella-tarinfo

Summary

by MITRE • 02/19/2022

A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservation

02/18/2022

Disclosure

02/19/2022

Moderation

accepted

CPE

ready

EPSS

0.01131

KEV

no

Activities

very low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2022-25358
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2022-25358
CVE Detailshttps://www.cvedetails.com/cve/CVE-2022-25358/

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!