Home > Vulnerability Database > CVE-2022-3607

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2022-3607

Good to know:

Date: October 19, 2022

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository octoprint/octoprint prior to 1.8.3.

Language: Python

Severity Score

6.0

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-3607

Url: https://github.com/octoprint/octoprint/commit/3cca3a43f3d085e9bbe5a5840c8255bb1b5d052e

Url: https://huntr.dev/bounties/2d1db3c9-93e8-4902-a55b-5ea53c22aa11

Url: https://www.mend.io/vulnerability-database/CVE-2022-3607

Severity Score

6.0

Weakness Type (CWE)

Injection

CWE-74

Top Fix

Upgrade Version

Upgrade to version OctoPrint - 1.8.3

CVSS v3.1

Base Score:	6.0
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Do you need more information?

Contact Us