GHSA-p223-c4w6-q454
Suggest an improvement- Source
- https://github.com/advisories/GHSA-p223-c4w6-q454
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/06/GHSA-p223-c4w6-q454/GHSA-p223-c4w6-q454.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-p223-c4w6-q454
- Aliases
- Published
- 2023-06-01T15:30:59Z
- Modified
- 2023-11-05T05:23:57.691738Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- hawtio vulnerable to Path Traversal
- Details
-
hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite.
- Database specific
{ "severity": "MODERATE", "nvd_published_at": "2023-06-01T13:15:10Z", "github_reviewed_at": "2023-06-06T02:03:57Z", "github_reviewed": true, "cwe_ids": [ "CWE-22" ] }- References
Affected packages
Maven / io.hawt:project
Package
- Name
- io.hawt:project
- View open source insights on deps.dev
- Purl
- pkg:maven/io.hawt/project
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected2.17.2
Affected versions
1.*
1.0
1.1
1.2-M1
1.2-M2
1.2-M3
1.2-M4
1.2-M5
1.2-M6
1.2-M7
1.2-M8
1.2-M9
1.2-M10
1.2-M11
1.2-M13
1.2-M14
1.2-M16
1.2-M19
1.2-M20
1.2-M22
1.2-M23
1.2-M24
1.2-M25
1.2-M26
1.2-M27
1.2.0
1.2.1
1.2.2
1.2.3
1.3.0
1.3.1
1.4.0
1.4.1
1.4.2
1.4.4
1.4.5
1.4.6
1.4.7
1.4.8
1.4.9
1.4.10
1.4.11
1.4.12
1.4.14
1.4.15
1.4.16
1.4.17
1.4.18
1.4.19
1.4.20
1.4.21
1.4.22
1.4.23
1.4.24
1.4.25
1.4.26
1.4.27
1.4.28
1.4.29
1.4.30
1.4.31
1.4.32
1.4.33
1.4.34
1.4.35
1.4.36
1.4.37
1.4.38
1.4.39
1.4.40
1.4.41
1.4.42
1.4.43
1.4.44
1.4.45
1.4.46
1.4.47
1.4.48
1.4.49
1.4.50
1.4.51
1.4.52
1.4.53
1.4.54
1.4.55
1.4.56
1.4.57
1.4.58
1.4.59
1.4.60
1.4.61
1.4.62
1.4.63
1.4.64
1.4.65
1.4.66
1.4.67
1.4.68
1.5.0
1.5.X
1.5.1
1.5.2
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
1.5.8
1.5.9
1.5.10
1.5.11
1.5.12
2.*
2.0-beta-1
2.0-beta-2
2.0-M1
2.0-M2
2.0-M3
2.0.0
2.0.1
2.0.2
2.0.3
2.1.0
2.2.0
2.3.0
2.4.0
2.5.0
2.6.0
2.7.0
2.7.1
2.8.0
2.9.0
2.9.1
2.10.0
2.10.1
2.10.2
2.11.0
2.11.1
2.12.0
2.12.1
2.13.0
2.13.1
2.13.2
2.13.3
2.13.4
2.13.5
2.13.6
2.14.0
2.14.1
2.14.2
2.14.3
2.14.4
2.14.5
2.15.0
2.15.1
2.15.2
2.16.0
2.16.1
2.16.2
2.16.3
2.17.0
2.17.1
2.17.2