CVE-2022-4244

high

Description

A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.

References

Advisories

https://bugzilla.redhat.com/show_bug.cgi?id=2149841

https://access.redhat.com/security/cve/CVE-2022-4244

https://access.redhat.com/errata/RHSA-2023:3906

https://access.redhat.com/errata/RHSA-2023:2135

Details

Source: Mitre, NVD

Published: 2023-09-25

Updated: 2025-05-05

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00369