Количество 2
Количество 2
CVE-2024-42468
openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. CometVisuServlet in versions prior to 4.2.1 is susceptible to an unauthenticated path traversal vulnerability. Local files on the server can be requested via HTTP GET on the CometVisuServlet. This issue may lead to information disclosure. Users should upgrade to version 4.2.1 of the CometVisu add-on of openHAB to receive a patch.
GHSA-pcwp-26pw-j98w
CometVisu Backend for openHAB has a path traversal vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-42468 openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. CometVisuServlet in versions prior to 4.2.1 is susceptible to an unauthenticated path traversal vulnerability. Local files on the server can be requested via HTTP GET on the CometVisuServlet. This issue may lead to information disclosure. Users should upgrade to version 4.2.1 of the CometVisu add-on of openHAB to receive a patch. | CVSS3: 5.3 | 2% Низкий | больше 1 года назад |
| GHSA-pcwp-26pw-j98w CometVisu Backend for openHAB has a path traversal vulnerability | CVSS3: 5.3 | 2% Низкий | больше 1 года назад |
Уязвимостей на страницу