CVE-2022-46158
CVSS V2 None
CVSS V3 None
Description
PrestaShop is an open-source e-commerce solution. Versions prior to 1.7.8.8 did not properly restrict host filesystem access for users. Users may have been able to view the contents of the upload directory without appropriate permissions. This issue has been addressed and users are advised to upgrade to version 1.7.8.8. There are no known workarounds for this issue.
Overview
- CVE ID
- CVE-2022-46158
- Assigner
- security-advisories@github.com
- Vulnerability Status
- Analyzed
- Published Version
- 2022-12-08T22:15:10
- Last Modified Date
- 2022-12-12T17:58:22
Weakness Enumerations
CPE Configuration (Product)
CPE | Vulnerable | Operator | Version Start | Version End |
---|---|---|---|---|
cpe:2.3:a:prestashop:prestashop:*:*:*:*:*:*:*:* | 1 | OR | 1.7.8.8 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-46158 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46158 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2022-12-08 23:16:24 | Added to TrackCVE | |||
2022-12-12 01:14:43 | 2022-12-08T22:15:10.640 | 2022-12-08T22:15:10 | CVE Published Date | updated |
2022-12-12 01:14:43 | 2022-12-08T22:30:17 | CVE Modified Date | updated | |
2022-12-12 01:14:44 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
2022-12-12 18:17:48 | 2022-12-12T17:58:22 | CVE Modified Date | updated | |
2022-12-12 18:17:48 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
2022-12-12 18:17:49 | CPE Information | updated |