Unrestricted Upload of File with Dangerous Type in ampache/ampache
CVE-2022-4665

3.1LOW

Key Information:

Vendor: Ampache
Status: Ampache/ampache
Vendor: CVE Published:; 23 December 2022

🔔 Create Ampache Vulnerability Alert

What is CVE-2022-4665?

Unrestricted Upload of File with Dangerous Type in GitHub repository ampache/ampache prior to 5.5.6.

Affected Version(s)

ampache/ampache < 5.5.6

References

https://huntr.dev/bounties/5e7f3ecc-3b08-4e0e-8bf8-ae7ae2...

https://github.com/ampache/ampache/commit/8293fa86e5f50a1...

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

CVSS V3.0

Score:

3.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 23, 2022
Vulnerability Reserved
Dec 23, 2022