5 matches found
CVE-2022-25299
This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mghttpupload method may enable attackers to write files to arbitrary locations outside the designated target folder...
UBUNTU-CVE-2022-25299
This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mghttpupload method may enable attackers to write files to arbitrary locations outside the designated target folder...
CVE-2022-25299
CVE-2022-25299 affects the cesanta/mongoose package before 7.6. The root cause is unsafe handling of file names during upload via mg_http_upload(), which may allow attackers to write files to arbitrary locations outside the designated target folder. No remediation details are provided in the conn...
CVE-2022-25299 Arbitrary File Write
This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mghttpupload method may enable attackers to write files to arbitrary locations outside the designated target folder...
CVE-2022-25299
This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mghttpupload method may enable attackers to write files to arbitrary locations outside the designated target folder...