CVE-2020-36647 MEDIUM

CVE-2020-36647: YunoHost-Apps transmission_ynh nginx.conf path traversal

Vendor Yunohost-Apps

Product transmission_ynh

Weakness CWE-22 · Path traversal

Published January 8, 2023

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

5.5/10

Attack vector Adjacent

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

Description

A vulnerability classified as critical has been found in YunoHost-Apps transmission_ynh. Affected is an unknown function of the file conf/nginx.conf. The manipulation leads to path traversal. The patch is identified as f136dfd44eda128129e5fd2d850a3a3c600e6a4a. It is recommended to apply a patch to fix this issue. VDB-217638 is the identifier assigned to this vulnerability.

Key dates

Disclosure timeline

January 8, 2023 CVE published

August 4, 2024 Record updated