Description
CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal because the function isFileOutsideDir fails to sanitize user input.
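An added example, not CureKit's code and not taken from the fixing commit: a directory-containment check in a weak string-prefix form beside a hardened form that normalizes before comparing. The class name, method names and sample paths are constructed for illustration; the page does not say which specific flaw isFileOutsideDir had.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

public class ContainmentCheckExample {

    // Weak form (hypothetical): compares raw strings, so ".." segments are
    // never resolved and a sibling directory that shares the base's
    // character prefix is treated as being inside it.
    static boolean isOutsideDirNaive(String filePath, String baseDir) {
        return !filePath.startsWith(baseDir);
    }

    // Hardened form (hypothetical): make both paths absolute, collapse "."
    // and ".." with normalize(), then compare by path component.
    // Path.startsWith matches whole name elements, not characters.
    // normalize() does not follow symlinks; where the file already exists,
    // toRealPath() can be used instead to resolve them as well.
    static boolean isOutsideDir(String filePath, String baseDir) {
        Path base = Paths.get(baseDir).toAbsolutePath().normalize();
        // A relative filePath is interpreted relative to the base directory;
        // an absolute filePath replaces it (Path.resolve semantics).
        Path target = base.resolve(filePath).toAbsolutePath().normalize();
        return !target.startsWith(base);
    }

    public static void main(String[] args) {
        String base = "/srv/app/uploads"; // constructed sample base directory
        String[] candidates = {           // constructed sample inputs
            "/srv/app/uploads/report.txt",
            "/srv/app/uploads/../config/app.properties",
            "/srv/app/uploads-old/report.txt",
        };
        for (String candidate : candidates) {
            System.out.printf("%-45s naive outside=%-5b hardened outside=%b%n",
                    candidate,
                    isOutsideDirNaive(candidate, base),
                    isOutsideDir(candidate, base));
        }
    }
}
```

Only the first sample path is inside the base directory. The weak form reports all three as inside, while the hardened form flags the second and third as outside.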
Remediation
References
https://www.mend.io/vulnerability-database/CVE-2022-23082
https://github.com/whitesource/CureKit/commit/af35e870ed09411d2f1fae6db1b04598cd1a31b6