Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-45133

Опубликовано: 22 авг. 2025
Источник: debian
EPSS Низкий

Описание

Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mahararemovedpackage

EPSS

Процентиль: 30%
0.00111
Низкий

Связанные уязвимости

nvd логотип

CVE-2022-45133

CVSS3: 6.5
nvd
6 месяцев назад

Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload.

github логотип

GHSA-fvcq-f7qr-c3pm

CVSS3: 6.5
github
6 месяцев назад

Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload.

EPSS

Процентиль: 30%
0.00111
Низкий