exploitDog

GHSA-6x73-fpg4-64pm

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza Streaming Engine before 4.7.1, traversal of the directory structure and retrieval of a file are possible via a remote, specifically crafted HTTP request.

In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza Streaming Engine before 4.7.1, traversal of the directory structure and retrieval of a file are possible via a remote, specifically crafted HTTP request.

Ссылки

EPSS

Процентиль: 69%

0.00593

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2017-16922

CVSS3: 5.3

nvd

почти 8 лет назад

In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza Streaming Engine before 4.7.1, traversal of the directory structure and retrieval of a file are possible via a remote, specifically crafted HTTP request.

EPSS

Процентиль: 69%

0.00593

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-22