Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-cg57-mvgj-rxvr

Опубликовано: 27 фев. 2026
Источник: github
Github: Не прошло ревью
CVSS3: 9.8

Описание

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.

Please consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/downloads

https://www.support.xerox.com/en-us/product/core/downloads

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.

Please consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/downloads

https://www.support.xerox.com/en-us/product/core/downloads

Ссылки

EPSS

Процентиль: 29%
0.0011
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2026-2251

Дефекты

CWE-22

Связанные уязвимости

nvd логотип

CVE-2026-2251

CVSS3: 9.8
nvd
3 месяца назад

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/downloads https://www.support.xerox.com/en-us/product/core/downloads

EPSS

Процентиль: 29%
0.0011
Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2026-2251

Дефекты

CWE-22