CVE-2022-4885

Name of the Vulnerable Software and Affected Versions sviehb jefferson versions up to 0.3

Description A critical vulnerability has been found in the sviehb/jefferson JFFS2 filesystem extraction tool, affecting unknown code of the file src/scripts/jefferson. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high, and the exploitation appears to be difficult.

Recommendations For versions up to 0.3, upgrade to version 0.4 to address this issue. As a temporary workaround, consider restricting access to the src/scripts/jefferson file until the upgrade is applied.