ГлавнаяУязвимости → CVE-2026-31831
7.5высокая

CVE-2026-31831

Описание

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. This issue has been patched in version 2.17.0.

Затрагиваемое ПО
Tautulli Tautulli
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://github.com/Tautulli/Tautulli/releases/tag/v2.17.0https://github.com/Tautulli/Tautulli/security/advisories/GHSA-xp55-2pf4-fv8mhttps://github.com/Tautulli/Tautulli/security/advisories/GHSA-xp55-2pf4-fv8m