ГлавнаяУязвимости → CVE-2024-22050
7.5высокая

CVE-2024-22050

Описание

Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs.

Затрагиваемое ПО
Boazsegev Iodine
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://github.com/advisories/GHSA-85rf-xh54-whp3https://github.com/boazsegev/iodine/commit/5558233fb7defda706b4f9c87c17759705949889https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3https://vulncheck.com/advisories/vc-advisory-GHSA-85rf-xh54-whp3https://github.com/advisories/GHSA-85rf-xh54-whp3https://github.com/boazsegev/iodine/commit/5558233fb7defda706b4f9c87c17759705949889https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3https://vulncheck.com/advisories/vc-advisory-GHSA-85rf-xh54-whp3