PT-2023-15473 · Kraken · Kraken

Yhy0O

·

Publicado

2023-01-20

·

Atualizado

2023-05-17

·

CVE-2022-47747

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions kraken versions 0.1.4 and earlier
Description The issue is related to an arbitrary file read vulnerability. It affects the component testfs.
Recommendations For kraken versions 0.1.4 and earlier, consider restricting access to the testfs component until a patch is available.

Exploit

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2022-47747
GHSA-HJ4G-4W36-X8HP
GO-2023-1505

Produtos afetados

Kraken