Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-23082: Open Source Vulnerability Database | Mend

In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function ‘isFileOutsideDir’ fails to sanitize the user input which may lead to path traversal.

CVE
#vulnerability

Mend Vulnerability Database

Mend Vulnerability Lab is where you can find the information that you need about open source security vulnerabilities, aggregated by Mend’s comprehensive open source vulnerabilities database from hundreds of both popular and under-the-radar community resources.

The Mend open source vulnerabilities database covers over 200 programming languages and over 3 million open source components. It aggregates information from a variety of sources including the NVD, security advisories, and open source project issue trackers, multiple times a day.

We’re here to help you find and fix open source security vulnerabilities, and provide you with all of the data that you need in order to address open source vulnerabilities, including:

  • Programming language
  • CWE type
  • CVSS Severity scores, including CVSS v2.0 and v3.x
  • Exposure level (how many organizations have been impacted)
  • Verified suggested fixes
  • The low-down from the community
  • Additional info to help make informed remediation decisions

Related news

GHSA-m9vj-44f3-78xw: Path traversal in CureKit

CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function `isFileOutsideDir` fails to sanitize the user input which may lead to path traversal.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907