How severe is CVE-2022-0074?

CVE-2022-0074 has a CVSS v3 score of 8.8 (HIGH).

CVE-2022-0074

Name: openlitespeed
Author: litespeedtech

8.8HIGH

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1

发布于: 10/27/2022更新于: 11/21/2024

描述

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1.

AI分析AI驱动

受影响产品

litespeedtechopenlitespeed

参考资料

https://github.com/litespeedtech/ols-dockerfiles/blob/master/template/Dockerfile#L29
ExploitThird Party Advisory
https://github.com/litespeedtech/ols-dockerfiles/blob/master/template/Dockerfile#L29
ExploitThird Party Advisory