Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-36066
HistorySep 29, 2022 - 8:15 p.m.

Remote code execution

2022-09-2920:15:00
PRIOn knowledge base
www.prio-n.com
2
discourse
open source discussion
remote code execution
stable branch
beta branch
tests-passed branch
maliciously crafted zip
gzip tar archive
arbitrary locations

0.01 Low

EPSS

Percentile

83.7%

JSON

Discourse is an open source discussion platform. In versions prior to 2.8.9 on the stable branch and prior to 2.9.0.beta10 on the beta and tests-passed branches, admins can upload a maliciously crafted Zip or Gzip Tar archive to write files at arbitrary locations and trigger remote code execution. The problem is patched in version 2.8.9 on the stable branch and version 2.9.0.beta10 on the beta and tests-passed branches. There are no known workarounds.

Related

osv 2
cve 1
cnvd 1
nvd 1
cvelist 1
openvas 1
osv
osv
BIT-discourse-2022-36066
2024-03-06 11:05:00
CVE-2022-36066
2022-09-29 20:15:09
cve
cve
CVE-2022-36066
2022-09-29 20:15:09
cnvd
cnvd
Discourse File Upload Vulnerability
2022-10-08 00:00:00
nvd
nvd
CVE-2022-36066
2022-09-29 20:15:09
cvelist
cvelist
CVE-2022-36066 Discourse vulnerable to RCE via admins uploading maliciously zipped file
2022-09-29 19:35:09
openvas
openvas
Discourse < 2.8.9, 2.9.x - 2.9.0.beta9 RCE Vulnerability
2022-10-03 00:00:00

0.01 Low

EPSS

Percentile

83.7%

JSON
Related for PRION:CVE-2022-36066
osv2cve1cnvd1nvd1cvelist1openvas1