Lucene search
GitHub Advisory DatabaseGHSA-4V5M-VWVP-P7W8HistorySep 21, 2022 - 12:00 a.m.
Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
2022-09-2100:00:39
CWE-434
GitHub Advisory Database
github.com
17
pagekit
storage feature
file upload
vulnerability
attacker
malicious files
software
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
62.0%
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files
Affected configurations
Node
pagekitpagekitRange≤1.0.18
Related
cvelist
cvelist
CVE-2022-38916
2022-09-20 16:09:40
prion
prion
Unrestricted file upload
2022-09-20 17:15:00
osv
osv
CVE-2022-38916
2022-09-20 17:15:09
Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
2022-09-21 00:00:39
cve
cve
CVE-2022-38916
2022-09-20 17:15:09
veracode
veracode
Arbitrary File Upload
2022-09-22 07:49:50
nvd
nvd
CVE-2022-38916
2022-09-20 17:15:09
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
62.0%
Related for GHSA-4V5M-VWVP-P7W8