Apache Fineract allowed an authenticated user to perform remote code execution due to a path traversal vulnerability in a file upload component of Apache Fineract, allowing an attacker to run remote code. This issue affects Apache Fineract version 1.8.0 and prior versions. We recommend users to upgrade to 1.8.1.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2022/11/29/3 | Mailing List Third Party Advisory |
https://lists.apache.org/thread/t8q6fmh3o6yqmy69qtqxppk9yg9wfybg | Mailing List Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2022-11-29T00:00:00
Updated: 2022-11-29T00:00:00
Reserved: 2022-11-02T00:00:00
Link: CVE-2022-44635
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-11-29T15:15:10.897
Modified: 2022-12-01T21:24:36.790
Link: CVE-2022-44635
JSON object: View
Redhat Information
No data.
CWE