CVE-2022-28544
published 2022-04-11CVE-2022-28544: Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNIHAN
Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | subversion | >= 0 < 1.13.0-3ubuntu0.1 | 1.13.0-3ubuntu0.1 |
| apache | subversion | >= 0 < 1.14.1-3ubuntu0.22.04.1 | 1.14.1-3ubuntu0.22.04.1 |
| samsung | galaxy_store | < 4.5.40.5 | 4.5.40.5 |
| samsung_mobile | galaxy_store | >= - < 4.5.40.5 | 4.5.40.5 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
osv4.3MEDIUM