CVE-2022-26652

NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. nats-streaming-server before 0.24.3 is also affected.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nats:nats_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nats:nats_streaming_server:*:*:*:*:*:*:*:*

Information

Published : 2022-03-10 09:47

Updated : 2022-03-17 18:44


NVD link : CVE-2022-26652

Mitre link : CVE-2022-26652


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

nats

  • nats_streaming_server
  • nats_server