Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CVAT vulnerable to directory traversal via mounted share listing
Vulnerability Description
CVAT is an open source interactive video and image annotation tool for computer vision. In versions 2.8.1 through 2.52.0, an attacker with an account on a CVAT instance is able to retrieve the contents of any file system directory accessible to the CVAT server. The exposed information is names of contained files and subdirectories. The contents of files are not accessible. Version 2.53.0 contains a patch. No known workarounds are available.
CVSS Information
N/A
Vulnerability Type
路径遍历:’../filedir’
Vulnerability Title
CVAT.ai CVAT 安全漏洞
Vulnerability Description
CVAT.ai CVAT是CVAT.ai开源的一个数据处理工具。 CVAT.ai CVAT 2.8.1版本至2.52.0版本存在安全漏洞,该漏洞源于攻击者可检索CVAT服务器可访问的任何文件系统目录内容,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A