First published: Thu Dec 01 2022(Updated: )
A flaw was found in plexus-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with dot-dot-slash (`../`) sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
maven/org.codehaus.plexus:plexus-utils | <3.0.24 | 3.0.24 |
Codehaus-plexus Project Codehaus-plexus | <3.0.24 | |
Redhat Integration Camel K | <1.10.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-4244 is a vulnerability that allows directory traversal attacks in plexus-codehaus.
A directory traversal attack, also known as a path traversal attack, aims to access files and directories stored outside the intended folder.
CVE-2022-4244 has a severity rating of 7.5 (High).
The affected software includes codehaus-plexus version up to 3.0.24, Codehaus-plexus Project Codehaus-plexus up to version 3.0.24, Redhat Integration Camel K up to version 1.10.1, and org.codehaus.plexus:plexus-utils up to version 3.0.24.
To fix the CVE-2022-4244 vulnerability, update the affected software to version 3.0.24 or later.