Lucene search
GoogleOSV:CVE-2022-42125HistoryNov 15, 2022 - 1:15 a.m.
CVE-2022-42125
2022-11-1501:15:13
Google
osv.dev
6
cve-2022-42125
fileutil.unzip
liferay portal
liferay dxp
vulnerability
filesystem
plugin/module
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
45.1%
Zip slip vulnerability in FileUtil.unzip in Liferay Portal 7.4.3.5 through 7.4.3.35 and Liferay DXP 7.4 update 1 through update 34 allows attackers to create or overwrite existing files on the filesystem via the deployment of a malicious plugin/module.
Related
prion
prion
Design/Logic Flaw
2022-11-15 01:15:00
osv
osv
Path Traversal in Liferay Portal
2022-11-15 12:00:16
BIT-liferay-2022-42125
2024-01-31 15:20:25
github
github
Path Traversal in Liferay Portal
2022-11-15 12:00:16
cvelist
cvelist
CVE-2022-42125
2022-11-15 00:00:00
nvd
nvd
CVE-2022-42125
2022-11-15 01:15:13
cve
cve
CVE-2022-42125
2022-11-15 01:15:13
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
45.1%
Related for OSV:CVE-2022-42125