CVE Vulnerability

CVE-2020-36647

A vulnerability classified as critical has been found in YunoHost-Apps transmission_ynh. Affected is an unknown function of the file conf/nginx.conf. The manipulation leads to path traversal. The name of the patch is f136dfd44eda128129e5fd2d850a3a3c600e6a4a. It is recommended to apply a patch to fix this issue. VDB-217638 is the identifier assigned to this vulnerability.

5.3 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/YunoHost-Apps/transmission_ynh/pull/75 Third Party Advisory
https://vuldb.com/?ctiid.217638 Permissions Required Third Party Advisory
https://vuldb.com/?id.217638 Permissions Required Third Party Advisory
https://github.com/YunoHost-Apps/transmission_ynh/commit/f136dfd44eda128129e5fd2d850a3a3c600e6a4a Patch Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:yunohost:transmission_ynh:*:*:*:*:*:*:*:*
Information

Published : 2023-01-08 10:15

Updated : 2023-01-12 04:54

NVD link : CVE-2020-36647

Mitre link : CVE-2020-36647

Products Affected
No products.
CWE
CWE-22