CVE-2017-20181 in Vocable Trainerinformazioni

Riassunto

di MITRE • 07/03/2023

A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to version 1.3.1 is able to address this issue. The name of the patch is accf6838078f8eb105cfc7865aba5c705fb68426. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222328.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsabile

VulDB

Prenotare

04/03/2023

Divulgazione

07/03/2023

Moderazione

accettato

Voce

VDB-222328

CPE

pronto

CWE

CWE-22 (confermato)

CVSS

5.5 (NVD)

EPSS

0.00266

KEV

Attività

molto basso

Settore

Police, Homeoffice

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-20181
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-20181
CVE Details	https://www.cvedetails.com/cve/CVE-2017-20181/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you need the next level of professionalism?

Upgrade your account now!