CVE-2025-25295 | HumanSignal label-studio up to 1.0.9 image path traversal (GHSA-rgv9-w7jp-m23g)

Inserito da Angelo Barbosa | Feb 15, 2025 | CVE

A vulnerability, which was classified as critical, was found in HumanSignal label-studio up to 1.0.9. This affects an unknown part. The manipulation of the argument image leads to path traversal.

This vulnerability is uniquely identified as CVE-2025-25295. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-25295 | HumanSignal label-studio up to 1.0.9 image path traversal (GHSA-rgv9-w7jp-m23g)

Post correlati

CVE-2024-5102 | Avast Antivirus up to 24.1 Repair unknown vulnerability

CVE-2024-7032 | Smart Online Order for Clover Plugin up to 1.5.6 on WordPress Deactivation authorization

CVE-2024-42183 | HCL BigFix Patch Management Download Plug-ins up to 1177 code download (KB0118565)

CVE-2024-31869 | Apache Airflow up to 2.8.4 Configuration UI Page information disclosure