Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2022/10/24/1 | Exploit Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2023/04/26/1 | |
https://github.com/linuxmint/warpinator/commit/5244c33d4c109ede9607b9d94461650410e2cddc | Patch Third Party Advisory |
https://github.com/linuxmint/warpinator/commit/8bfd2f8b3f1b0c0f0a5a6d275702d107b9e08a94 | Patch Third Party Advisory |
https://github.com/linuxmint/warpinator/commit/95124fd4468683dd69ddd7b3da0e9906ce6beae2 | Patch Third Party Advisory |
https://github.com/linuxmint/warpinator/commit/f4907ef6a17a189d56ab0a9da4b53190b061ad75 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-10T00:00:00
Updated: 2023-04-26T00:00:00
Reserved: 2022-10-10T00:00:00
Link: CVE-2022-42725
JSON object: View
NVD Information
Status : Modified
Published: 2022-10-10T05:15:09.330
Modified: 2023-04-26T12:15:09.560
Link: CVE-2022-42725
JSON object: View
Redhat Information
No data.
CWE