Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-m589-mv4q-p7rj: webbrowser-rs allows attackers to access arbitrary files via supplying a crafted URL

An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL.

ghsa
Open in Source
#web#git
  1. GitHub Advisory Database
  2. GitHub Reviewed
  3. CVE-2022-45299

webbrowser-rs allows attackers to access arbitrary files via supplying a crafted URL

Moderate severity GitHub Reviewed Published Jan 13, 2023 • Updated Jan 14, 2023

Package

cargo webbrowser (Rust)

Affected versions

< 0.8.3

Description

Related news

CVE-2022-45299: GitHub - offalltn/CVE-2022-45299: CVE 2022-45299

An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL.

ghsa: Latest News

GHSA-p85q-mww9-gwqf: Citizen Short Description stored XSS vulnerability through wikitext
ghsa