Medium severity6.5NVD Advisory· Published Jan 10, 2022· Updated Jun 17, 2026
CVE-2022-22701
CVE-2022-22701
Description
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authenticated user to read local files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- PartKeepr/PartKeeprdescription
Patches
Vulnerability mechanics
References
2- fluidattacks.com/advisories/hendrix/nvdExploitThird Party Advisory
- github.com/partkeepr/PartKeepr/issues/1229nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.