mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-07-08T17:35:23

Updated: 2024-08-03T09:36:44.366Z

Reserved: 2022-07-08T00:00:00

Link: CVE-2022-35410

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-07-08T18:15:10.103

Modified: 2024-11-21T07:11:07.333

Link: CVE-2022-35410

cve-icon Redhat

No data.