Medium severity4.5NVD Advisory· Published Dec 27, 2022· Updated Jun 17, 2026
CVE-2022-4772
CVE-2022-4772
Description
A vulnerability was found in Widoco and classified as critical. Affected by this issue is the function unZipIt of the file src/main/java/widoco/WidocoUtils.java. The manipulation leads to path traversal. It is possible to launch the attack on the local host. The name of the patch is f2279b76827f32190adfa9bd5229b7d5a147fa92. It is recommended to apply a patch to fix this issue. VDB-216914 is the identifier assigned to this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.github.dgarijo:WidocoMaven | <= 1.4.17 | — |
Affected products
2- Widoco/Widocodescription
Patches
Vulnerability mechanics
References
6- github.com/dgarijo/Widoco/commit/f2279b76827f32190adfa9bd5229b7d5a147fa92nvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-jj8r-jw42-mw4wghsaADVISORY
- github.com/dgarijo/Widoco/pull/551nvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2022-4772ghsaADVISORY
- vuldb.comnvdThird Party AdvisoryWEB
- vuldb.comnvdThird Party AdvisoryWEB
News mentions
0No linked articles in our index yet.