ГлавнаяУязвимости → CVE-2026-33588
8.1высокая

CVE-2026-33588

Описание

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal.

Затрагиваемое ПО
Lfnovo Open-notebook
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Источники
https://github.com/lfnovo/open-notebook/security/advisories/GHSA-x4q2-89g5-594v