GHSA-65xf-588v-56fv

Опубликовано: 30 сент. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An issue in the _readFileSync function of Simple-Spellchecker v1.0.2 allows attackers to read arbitrary files via a directory traversal.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2024-46503
https://gist.github.com/guilherme-goncalves793/30d62c12fffd18d4058f4aebe188f462
https://gist.github.com/guilherme-goncalves793/9c3125c6c8e33e0d9216847118137c63

7.5 High

CVSS3

CVE ID

CVE-2024-46503

Дефекты

CWE-22

Связанные уязвимости

CVE-2024-46503

nvd

больше 1 года назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

7.5 High

CVSS3

CVE ID

CVE-2024-46503

Дефекты

CWE-22