Lucene search

GoogleOSV:CVE-2022-36081

HistorySep 07, 2022 - 9:15 p.m.

CVE-2022-36081

2022-09-0721:15:08

Google

osv.dev

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.7%

JSON

Wikmd is a file based wiki that uses markdown. Prior to version 1.7.1, Wikmd is vulnerable to path traversal when accessing /list/<path:folderpath> and discloses lists of files located on the server including sensitive data. Version 1.7.1 fixes this issue.

CPENameOperatorVersion
wikmdeq1.4.2
wikmdeq1.1
wikmdeq1.4.3
wikmdeq1.3
wikmdeq1.5
wikmdeq1.5.1
wikmdeq1.6.2
wikmdeq1.4
wikmdeq1.6.1
wikmdeq1.0

Name	Operator	Version
wikmd	eq	1.4.2
wikmd	eq	1.1
wikmd	eq	1.4.3
wikmd	eq	1.3
wikmd	eq	1.5
wikmd	eq	1.5.1
wikmd	eq	1.6.2
wikmd	eq	1.4
wikmd	eq	1.6.1
wikmd	eq	1.0

Rows per page:

1-10 of 151

References

github.com/Linbreux/wikmd/commit/8d1f94ec86b5b6c3df8ef10051facfb511a78450

github.com/Linbreux/wikmd/security/advisories/GHSA-w4cf-92x9-v8w2

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.7%

JSON

Related for OSV:CVE-2022-36081