CVE-2024-33103

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-33103

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-33103.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-33103

Published

2024-04-30T18:15:19Z

Modified

2025-07-03T02:07:44.724537Z

Summary

[none]

Details

An arbitrary file upload vulnerability in the Media Manager component of DokuWiki 2024-02-06a allows attackers to execute arbitrary code by uploading a crafted SVG file. NOTE: as noted in the 4267 issue reference, there is a position that exploitability can only occur with a misconfiguration of the product.

References

Affected packages

Debian:11 / dokuwiki

Package

Name: dokuwiki
Purl: pkg:deb/debian/dokuwiki?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.0.20180422.a-2.1

0.0.20200729-0.1~bpo11+1

0.0.20200729-0.1

0.0.20220317~gitaeff85c-0.1~exp1

0.0.20220731.a-1

0.0.20220731.a-2

0.0.20220731.a-3

Other

2024-02-06b-0exp1

2024-02-06b-0exp2

2024-02-06b-0exp3

2024-02-06b-0exp4

2024-02-06b+dfsg-0exp1

2024-02-06b+dfsg-0exp2

2024-02-06b+dfsg-1

2024-02-06b+dfsg-2

2024-02-06b+dfsg-3

2024-02-06b+dfsg-4

2024-02-06b+dfsg-5

2024-02-06b+dfsg-6

2024-02-06b+dfsg-7

2024-02-06b+dfsg-8

2024-02-06b+dfsg-9

2025-05-14+dfsg-1

2025-05-14.*

2025-05-14.a+dfsg-1

2025-05-14.a+dfsg-2

2025-05-14.a+dfsg-3

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / dokuwiki

Package

Name: dokuwiki
Purl: pkg:deb/debian/dokuwiki?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.0.20220731.a-2

0.0.20220731.a-3

Other

2024-02-06b-0exp1

2024-02-06b-0exp2

2024-02-06b-0exp3

2024-02-06b-0exp4

2024-02-06b+dfsg-0exp1

2024-02-06b+dfsg-0exp2

2024-02-06b+dfsg-1

2024-02-06b+dfsg-2

2024-02-06b+dfsg-3

2024-02-06b+dfsg-4

2024-02-06b+dfsg-5

2024-02-06b+dfsg-6

2024-02-06b+dfsg-7

2024-02-06b+dfsg-8

2024-02-06b+dfsg-9

2025-05-14+dfsg-1

2025-05-14.*

2025-05-14.a+dfsg-1

2025-05-14.a+dfsg-2

2025-05-14.a+dfsg-3

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / dokuwiki

Package

Name: dokuwiki
Purl: pkg:deb/debian/dokuwiki?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.0.20220731.a-2

0.0.20220731.a-3

Other

2024-02-06b-0exp1

2024-02-06b-0exp2

2024-02-06b-0exp3

2024-02-06b-0exp4

2024-02-06b+dfsg-0exp1

2024-02-06b+dfsg-0exp2

2024-02-06b+dfsg-1

2024-02-06b+dfsg-2

2024-02-06b+dfsg-3

2024-02-06b+dfsg-4

2024-02-06b+dfsg-5

2024-02-06b+dfsg-6

2024-02-06b+dfsg-7

2024-02-06b+dfsg-8

2024-02-06b+dfsg-9

2025-05-14+dfsg-1

2025-05-14.*

2025-05-14.a+dfsg-1

2025-05-14.a+dfsg-2

2025-05-14.a+dfsg-3

Ecosystem specific

{
    "urgency": "unimportant"
}