Описание
mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | needs-triage | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needs-triage | |
| focal | ignored | end of standard support, was needed |
| impish | ignored | end of life |
| jammy | needed | |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.
mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ dir ...
mat2 before 0.13.0 allows directory traversal during the ZIP archive cleaning process.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3