EPSS
Percentile
61.3%
CureKit is vulnerable to path traversal. The vulnerability exists in isFileOutsideDir function in FileSecurityUtils.java because it doesn’t properly sanitize the user inputs which allows an attacker to gain access to the files in the system.
isFileOutsideDir
FileSecurityUtils.java
github.com/advisories/GHSA-m9vj-44f3-78xw
github.com/whitesource/CureKit/commit/af35e870ed09411d2f1fae6db1b04598cd1a31b6
www.mend.io/vulnerability-database/CVE-2022-23082