CVE-2022-23082: Open Source Vulnerability Database | Mend
CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal because the function `isFileOutsideDir` fails to sanitize user input.