Path Traversal due to `send_file` call in GitHub repository clinical-genomics/scout prior to 4.52.
References
Link | Resource |
---|---|
https://github.com/clinical-genomics/scout/commit/952a2e2319af2d95d22b017a561730feac086ff1 | Patch Third Party Advisory |
https://huntr.dev/bounties/7acac778-5ba4-4f02-99e2-e4e17a81e600 | Exploit Patch Third Party Advisory |
Configurations
Information
Published : 2022-05-03 02:15
Updated : 2022-05-10 06:47
NVD link : CVE-2022-1554
Mitre link : CVE-2022-1554
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
clinical-genomics
- scout