Critical severityNVD Advisory· Published May 16, 2022· Updated Nov 20, 2024
CVE-2022-29351
CVE-2022-29351
Description
An arbitrary file upload vulnerability in the file upload module of Tiddlywiki5 v5.2.2 allows attackers to execute arbitrary code via a crafted SVG file. Note: The vendor argues that this is not a legitimate issue and there is no vulnerability here.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tiddlywikinpm | <= 5.2.2 | — |
Affected products
2- Tiddlywiki5/Tiddlywiki5description
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-cr9c-rhq6-vh53ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-29351ghsaADVISORY
- tiddlywiki5.comghsaWEB
- github.com/Jermolene/TiddlyWiki5/issues/7384ghsaWEB
- www.youtube.com/watchghsaWEB
News mentions
0No linked articles in our index yet.