CVE-2022-26505

Опубликовано: 06 мар. 2022

Источник: debian

EPSS Низкий

Описание

A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.

Пакет	Статус	Версия исправления	Релиз	Тип
minidlna	fixed	1.3.0+dfsg-2.2		package
minidlna	fixed	1.3.0+dfsg-2+deb11u1	bullseye	package
minidlna	fixed	1.2.1+dfsg-2+deb10u3	buster	package

https://sourceforge.net/p/minidlna/git/ci/c21208508dbc131712281ec5340687e5ae89e940/
https://www.openwall.com/lists/oss-security/2022/03/03/1

EPSS

Процентиль: 37%

0.00155

Низкий

CVE-2022-26505

CVSS3: 7.4

ubuntu

больше 3 лет назад

A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.

CVE-2022-26505

CVSS3: 7.4

nvd

больше 3 лет назад

A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.

openSUSE-SU-2022:0079-1

suse-cvrf

больше 3 лет назад

Security update for minidlna

GHSA-xw94-4rmp-7qw5

CVSS3: 7.4

github

больше 3 лет назад

A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.

EPSS

Процентиль: 37%

0.00155

Низкий