CVE-2022-41951 | oroinc OroPlatform up to 4.1.13/4.2.10/5.0.8 getTemporaryFileName path traversal (GHSA-9v3j-4j64-p937)

Inserito da Angelo Barbosa | Nov 28, 2023 | CVE

A vulnerability has been found in oroinc OroPlatform up to 4.1.13/4.2.10/5.0.8 and classified as critical. Affected by this vulnerability is the function FileManager::getTemporaryFileName. The manipulation leads to path traversal.

This vulnerability is known as CVE-2022-41951. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2022-41951 | oroinc OroPlatform up to 4.1.13/4.2.10/5.0.8 getTemporaryFileName path traversal (GHSA-9v3j-4j64-p937)

Post correlati

CVE-2024-1716 | Admin Bar Remover Plugin up to 1.0.2.2 on WordPress Setting authorization

CVE-2021-47494 | Linux Kernel up to 5.10.76/5.14.15 cfg80211 cfg80211_mgmt_registrations_update memory corruption (4c22227e39c7/3c897f39b71f/09b1d5dc6ce1)

CVE-2023-46144 | Phoenix Contact AXC F 1152 code download (VDE-2023-056)

CVE-2024-40833 | Apple iOS/iPadOS Shortcut access control