CVE-2021-33178

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-33178
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-33178.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-33178
Related
Published
2021-10-14T15:15:09Z
Modified
2024-10-12T07:37:08.689861Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
Summary
[none]
Details

The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system.

References

Affected packages

Debian:11 / nagvis

Package

Name
nagvis
Purl
pkg:deb/debian/nagvis?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.9.25-2
1:1.9.26-1~exp1
1:1.9.27-1~exp1
1:1.9.27-1
1:1.9.28-1
1:1.9.29-1
1:1.9.30-1
1:1.9.31-1
1:1.9.32-1
1:1.9.33-1
1:1.9.34-1
1:1.9.35-1~exp1
1:1.9.35-1
1:1.9.36-1
1:1.9.37-1
1:1.9.38-1
1:1.9.39-1
1:1.9.40-1
1:1.9.41-1
1:1.9.42-1
1:1.9.43-1
1:1.9.44-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / nagvis

Package

Name
nagvis
Purl
pkg:deb/debian/nagvis?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.9.29-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / nagvis

Package

Name
nagvis
Purl
pkg:deb/debian/nagvis?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.9.29-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/nagvis/nagvis

Affected ranges

Type
GIT
Repo
https://github.com/nagvis/nagvis
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

nagvis-1.*

nagvis-1.0.0
nagvis-1.1.0
nagvis-1.1.1
nagvis-1.1.2
nagvis-1.2.0
nagvis-1.2.1
nagvis-1.2.2
nagvis-1.3.0
nagvis-1.4.0
nagvis-1.4.1
nagvis-1.5.0
nagvis-1.5.1
nagvis-1.5.2
nagvis-1.5.3
nagvis-1.5.4
nagvis-1.5.5
nagvis-1.5b1
nagvis-1.5b2
nagvis-1.5b3
nagvis-1.5b4
nagvis-1.5rc1
nagvis-1.5rc2
nagvis-1.5rc3
nagvis-1.6.0
nagvis-1.6.1
nagvis-1.6.2
nagvis-1.6.3
nagvis-1.6.4
nagvis-1.6b1
nagvis-1.6b2
nagvis-1.6b3
nagvis-1.6rc1
nagvis-1.6rc2
nagvis-1.6rc3
nagvis-1.6rc4
nagvis-1.7.0
nagvis-1.7.1
nagvis-1.7.2
nagvis-1.7.3
nagvis-1.7.4
nagvis-1.7.5
nagvis-1.7.6
nagvis-1.7.7
nagvis-1.7.8
nagvis-1.7.9
nagvis-1.7b1
nagvis-1.7b2
nagvis-1.7b3
nagvis-1.8.0
nagvis-1.8b1
nagvis-1.8b2
nagvis-1.8b3
nagvis-1.8b4
nagvis-1.8b5
nagvis-1.8b6
nagvis-1.8b7
nagvis-1.8rc1
nagvis-1.8rc2
nagvis-1.8rc3
nagvis-1.9.0
nagvis-1.9.1
nagvis-1.9.10
nagvis-1.9.11
nagvis-1.9.12
nagvis-1.9.13
nagvis-1.9.14
nagvis-1.9.15
nagvis-1.9.16
nagvis-1.9.17
nagvis-1.9.18
nagvis-1.9.19
nagvis-1.9.2
nagvis-1.9.20
nagvis-1.9.21
nagvis-1.9.22
nagvis-1.9.23
nagvis-1.9.24
nagvis-1.9.25
nagvis-1.9.26
nagvis-1.9.27
nagvis-1.9.28
nagvis-1.9.3
nagvis-1.9.4
nagvis-1.9.5
nagvis-1.9.6
nagvis-1.9.7
nagvis-1.9.8
nagvis-1.9.9
nagvis-1.9a1
nagvis-1.9b1
nagvis-1.9b10
nagvis-1.9b11
nagvis-1.9b12
nagvis-1.9b13
nagvis-1.9b14
nagvis-1.9b15
nagvis-1.9b16
nagvis-1.9b17
nagvis-1.9b18
nagvis-1.9b19
nagvis-1.9b2
nagvis-1.9b3
nagvis-1.9b4
nagvis-1.9b5
nagvis-1.9b6
nagvis-1.9b7
nagvis-1.9b8
nagvis-1.9b9