VYPR
High severity7.5NVD Advisory· Published Jul 8, 2022· Updated Jun 17, 2026

CVE-2022-35410

CVE-2022-35410

Description

mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mat2PyPI
< 0.13.00.13.0

Affected products

2
  • mat2/metadata anonymisation toolkitdescription
  • ghsa-coords
    Range: < 0.13.0

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.