5 matches found
CVE-2022-22701
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authenticated user to read local files...
CVE-2022-22701
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authenticated user to read local files...
CVE-2022-22701
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authenticated user to read local files...
CVE-2022-22701
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authenticated user to read local files...
CVE-2022-22701
PartKeepr vulnerability (CVE-2022-22701) affects PartKeepr up to v1.4.0 and is triggered when loading attachments by URL, enabling the use of the file:// URI scheme. An authenticated user can read local files due to how attachments are loaded during part creation. Impact is read access to local f...