First published: Wed Sep 21 2022
Unrestricted Upload of File with Dangerous Type in GitHub repository octoprint/octoprint prior to 1.8.3.
Credit: security@huntr.dev
Affected Software | Affected Version | How to fix |
---|---|---|
Octoprint Octoprint | <1.8.3 | |
CVE-2022-2872 is a vulnerability that allows unrestricted upload of files with dangerous types in the GitHub repository octoprint/octoprint prior to version 1.8.3.
The severity of CVE-2022-2872 is medium with a CVSS score of 5.4.
CVE-2022-2872 affects OctoPrint versions prior to 1.8.3 by allowing unrestricted upload of files with dangerous types.
To fix CVE-2022-2872, update OctoPrint to version 1.8.3 or later.
More information about CVE-2022-2872 can be found in the references provided:

- [GitHub Commit](https://github.com/octoprint/octoprint/commit/3e3c11811e216fb371a33e28412df83f9701e5b0)
- [Huntr Bounty](https://huntr.dev/bounties/b966c74d-6f3f-49fe-b40a-eaf25e362c56)