mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-07-08T17:35:23
Updated: 2024-08-03T09:36:44.366Z
Reserved: 2022-07-08T00:00:00
Link: CVE-2022-35410
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-07-08T18:15:10.103
Modified: 2024-11-21T07:11:07.333
Link: CVE-2022-35410
Redhat
No data.