CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-23082

In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function isFileOutsideDir fails to sanitize the user input which may lead to path traversal.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/whitesource/CureKit/commit/af35e870ed09411d2f1fae6db1b04598cd1a31b6
https://www.mend.io/vulnerability-database/CVE-2022-23082
https://github.com/whitesource/CureKit/commit/af35e870ed09411d2f1fae6db1b04598cd1a31b6
https://www.mend.io/vulnerability-database/CVE-2022-23082

Products affected by CVE-2022-23082

Mend » Curekit » Version: 1.0.1

cpe:2.3:a:mend:curekit:1.0.1
Mend » Curekit » Version: 1.0.2

cpe:2.3:a:mend:curekit:1.0.2
Mend » Curekit » Version: 1.0.3

cpe:2.3:a:mend:curekit:1.0.3
Mend » Curekit » Version: 1.1.0

cpe:2.3:a:mend:curekit:1.1.0
Mend » Curekit » Version: 1.1.1

cpe:2.3:a:mend:curekit:1.1.1
Mend » Curekit » Version: 1.1.3

cpe:2.3:a:mend:curekit:1.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-23082

Products

Pricing

Contact Us