How severe is CVE-2021-43685?

CVE-2021-43685 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2021-43685

Name: libretime_hv
Author: libretime

9.8CRITICAL

libretime hv3.0.0-alpha.10 is affected by a path manipulation vulnerability in /blob/master/legacy/application/modules/rest/controllers/ShowImageController.php through the rename function.

Опубликовано: 12/1/2021Обновлено: 11/21/2024

Описание

libretime hv3.0.0-alpha.10 is affected by a path manipulation vulnerability in /blob/master/legacy/application/modules/rest/controllers/ShowImageController.php through the rename function.

ИИ-АнализНа базе ИИ

Затронутые продукты

libretimelibretime_hv

3.0.0

Ссылки

https://github.com/LibreTime/libretime/issues/1437
Broken LinkThird Party Advisory
https://github.com/LibreTime/libretime/issues/1437
Broken LinkThird Party Advisory