exploitDog

GHSA-g3cv-mvp2-4vfj

Опубликовано: 26 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

In Philips (formerly Carestream) Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root.

In Philips (formerly Carestream) Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root.

Ссылки

EPSS

Процентиль: 61%

0.00419

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2021-39369

CVSS3: 6.5

nvd

около 3 лет назад

In Philips (formerly Carestream) Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root.

EPSS

Процентиль: 61%

0.00419

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-22