Vulnerability Details CVE-2022-22701
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authenticated user to read local files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2022-22701
-
cpe:2.3:a:partkeepr:partkeepr:0.1
-
cpe:2.3:a:partkeepr:partkeepr:0.1.1
-
cpe:2.3:a:partkeepr:partkeepr:0.1.2
-
cpe:2.3:a:partkeepr:partkeepr:0.1.3
-
cpe:2.3:a:partkeepr:partkeepr:0.1.4
-
cpe:2.3:a:partkeepr:partkeepr:0.1.5
-
cpe:2.3:a:partkeepr:partkeepr:0.1.6
-
cpe:2.3:a:partkeepr:partkeepr:0.1.6.1
-
cpe:2.3:a:partkeepr:partkeepr:0.1.7
-
cpe:2.3:a:partkeepr:partkeepr:0.1.8
-
cpe:2.3:a:partkeepr:partkeepr:0.1.9
-
cpe:2.3:a:partkeepr:partkeepr:0.11
-
cpe:2.3:a:partkeepr:partkeepr:0.11a
-
cpe:2.3:a:partkeepr:partkeepr:0.16
-
cpe:2.3:a:partkeepr:partkeepr:0.75
-
cpe:2.3:a:partkeepr:partkeepr:0.76
-
cpe:2.3:a:partkeepr:partkeepr:0.77
-
cpe:2.3:a:partkeepr:partkeepr:0.78
-
cpe:2.3:a:partkeepr:partkeepr:0.79
-
cpe:2.3:a:partkeepr:partkeepr:0.80
-
cpe:2.3:a:partkeepr:partkeepr:0.81
-
cpe:2.3:a:partkeepr:partkeepr:0.82
-
cpe:2.3:a:partkeepr:partkeepr:1.0.0
-
cpe:2.3:a:partkeepr:partkeepr:1.1.0
-
cpe:2.3:a:partkeepr:partkeepr:1.2.0
-
cpe:2.3:a:partkeepr:partkeepr:1.3.0
-
cpe:2.3:a:partkeepr:partkeepr:1.4.0