CVE-2022-41958

super-xray is a web vulnerability scanning tool. Versions prior to 0.7 assumed trusted input for the program config which is stored in a yaml file. An attacker with local access to the file could exploit this and compromise the program. This issue has been addressed in commit `4d0d5966` and will be included in future releases. Users are advised to upgrade. There are no known workarounds for this issue.
Configurations

Configuration 1

cpe:2.3:a:super_xray_project:super_xray:*:*:*:*:*:*:*:*

Information

Published : 2022-11-25 06:15

Updated : 2022-11-30 08:16


NVD link : CVE-2022-41958

Mitre link : CVE-2022-41958

Products Affected
No products.
CWE
CWE-502

Deserialization of Untrusted Data