CVE-2023-33544

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-33544

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-33544.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-33544

Aliases

GHSA-p223-c4w6-q454

Published

2023-06-01T13:15:10.637Z

Modified

2025-11-15T06:34:07.289337Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite.

References

https://github.com/hawtio/hawtio/issues/2832

Affected packages

Git / github.com/hawtio/hawtio

Affected ranges

Type: GIT
Repo: https://github.com/hawtio/hawtio
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

40c942f4b09362e42aab7c4273eb1d47995d6f19

Affected versions

hawtio-1.*

hawtio-1.0

hawtio-1.1-SNAPSHOT

hawtio-1.2-M10

hawtio-1.2-M11

hawtio-1.2-M12

hawtio-1.2-M13

hawtio-1.2-M14

hawtio-1.2-M15

hawtio-1.2-M16

hawtio-1.2-M17

hawtio-1.2-M18

hawtio-1.2-M19

hawtio-1.2-M2

hawtio-1.2-M20

hawtio-1.2-M21

hawtio-1.2-M22

hawtio-1.2-M23

hawtio-1.2-M24

hawtio-1.2-M25

hawtio-1.2-M26

hawtio-1.2-M27

hawtio-1.2-M3

hawtio-1.2-M4

hawtio-1.2-M5

hawtio-1.2-M6

hawtio-1.2-M7

hawtio-1.2-M8

hawtio-1.2-M9

hawtio-1.2-SNAPSHOT

hawtio-1.2.0

hawtio-1.2.1

hawtio-1.2.2

hawtio-1.2.3

hawtio-1.3.0

hawtio-1.3.1

hawtio-1.4.0

hawtio-1.4.1

hawtio-1.4.10

hawtio-1.4.11

hawtio-1.4.12

hawtio-1.4.14

hawtio-1.4.15

hawtio-1.4.16

hawtio-1.4.17

hawtio-1.4.18

hawtio-1.4.19

hawtio-1.4.2

hawtio-1.4.20

hawtio-1.4.21

hawtio-1.4.22

hawtio-1.4.23

hawtio-1.4.24

hawtio-1.4.25

hawtio-1.4.26

hawtio-1.4.27

hawtio-1.4.28

hawtio-1.4.29

hawtio-1.4.3

hawtio-1.4.30

hawtio-1.4.31

hawtio-1.4.32

hawtio-1.4.33

hawtio-1.4.34

hawtio-1.4.35

hawtio-1.4.36

hawtio-1.4.37

hawtio-1.4.38

hawtio-1.4.39

hawtio-1.4.4

hawtio-1.4.40

hawtio-1.4.41

hawtio-1.4.42

hawtio-1.4.43

hawtio-1.4.44

hawtio-1.4.45

hawtio-1.4.46

hawtio-1.4.47

hawtio-1.4.48

hawtio-1.4.49

hawtio-1.4.5

hawtio-1.4.50

hawtio-1.4.51

hawtio-1.4.52

hawtio-1.4.53

hawtio-1.4.54

hawtio-1.4.55

hawtio-1.4.56

hawtio-1.4.57

hawtio-1.4.58

hawtio-1.4.59

hawtio-1.4.6

hawtio-1.4.60

hawtio-1.4.61

hawtio-1.4.62

hawtio-1.4.63

hawtio-1.4.64

hawtio-1.4.65

hawtio-1.4.66

hawtio-1.4.67

hawtio-1.4.68

hawtio-1.4.7

hawtio-1.4.8

hawtio-1.4.9

hawtio-1.5.0

hawtio-1.5.1

hawtio-1.5.10

hawtio-1.5.11

hawtio-1.5.2

hawtio-1.5.3

hawtio-1.5.4

hawtio-1.5.5

hawtio-1.5.6

hawtio-1.5.7

hawtio-1.5.8

hawtio-1.5.9

hawtio-1.5.X

hawtio-2.*

hawtio-2.0-M1

hawtio-2.0-M2

hawtio-2.0-M3

hawtio-2.0-beta-1

hawtio-2.0-beta-2

hawtio-2.0.1

hawtio-2.0.2

hawtio-2.1.0

hawtio-2.10.0

hawtio-2.10.1

hawtio-2.10.2

hawtio-2.11.0

hawtio-2.11.1

hawtio-2.12.0

hawtio-2.12.1

hawtio-2.13.0

hawtio-2.13.1

hawtio-2.13.2

hawtio-2.13.3

hawtio-2.13.4

hawtio-2.13.5

hawtio-2.13.6

hawtio-2.14.0

hawtio-2.14.1

hawtio-2.14.2

hawtio-2.14.3

hawtio-2.14.4

hawtio-2.14.5

hawtio-2.15.0

hawtio-2.15.1

hawtio-2.15.2

hawtio-2.16.0

hawtio-2.16.1

hawtio-2.16.2

hawtio-2.16.3

hawtio-2.17.0

hawtio-2.17.1

hawtio-2.17.2

hawtio-2.2.0

hawtio-2.3.0

hawtio-2.4.0

hawtio-2.5.0

hawtio-2.6.0

hawtio-2.7.0

hawtio-2.7.1

hawtio-2.8.0

hawtio-2.9.0

hawtio-2.9.1

project-2.*

project-2.0.0

v0.*

v0.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-33544.json"