CVE-2022-4583

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-4583
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-4583.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-4583
Published
2022-12-17T13:15:09Z
Modified
2025-01-08T14:28:00.898109Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was found in jLEMS. It has been declared as critical. Affected by this vulnerability is the function unpackJar of the file src/main/java/org/lemsml/jlems/io/util/JUtil.java. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is 8c224637d7d561076364a9e3c2c375daeaf463dc. It is recommended to apply a patch to fix this issue. The identifier VDB-216169 was assigned to this vulnerability.

References

Affected packages

Git / github.com/lems/jlems

Affected ranges

Type
GIT
Repo
https://github.com/lems/jlems
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

0.*

0.9.7.0

NMLv2.*

NMLv2.0
NMLv2.1

Other

NMLv2beta1
NMLv2beta2
NMLv2beta3
NMLv2beta4
NMLv2beta5

v0.*

v0.10.3
v0.10.5
v0.10.6
v0.9.8.9
v0.9.9.0
v0.9.9.1