Lucene search

[email protected]CVE-2022-42725

HistoryOct 10, 2022 - 5:15 a.m.

CVE-2022-42725

2022-10-1005:15:09

CWE-59

[email protected]

web.nvd.nist.gov

cve-2022-42725

warpinator

directory traversal

vulnerability

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

56.5%

JSON

Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links.

Affected configurations

NVD

Node

linuxmintwarpinatorRange≤1.2.14

CPENameOperatorVersion
linuxmint:warpinatorlinuxmint warpinatorle1.2.14

CPE	Name	Operator	Version
linuxmint:warpinator	linuxmint warpinator	le	1.2.14

References

www.openwall.com/lists/oss-security/2022/10/24/1

www.openwall.com/lists/oss-security/2023/04/26/1

github.com/linuxmint/warpinator/commit/5244c33d4c109ede9607b9d94461650410e2cddc

github.com/linuxmint/warpinator/commit/8bfd2f8b3f1b0c0f0a5a6d275702d107b9e08a94

github.com/linuxmint/warpinator/commit/95124fd4468683dd69ddd7b3da0e9906ce6beae2

github.com/linuxmint/warpinator/commit/f4907ef6a17a189d56ab0a9da4b53190b061ad75

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

56.5%

JSON

Related for CVE-2022-42725

nvd1 cvelist1 prion1 osv1