Unrated severityNVD Advisory· Published Dec 13, 2023· Updated Aug 2, 2024
Audiobookshelf Arbitrary File Read Vulnerability
CVE-2023-47624
Description
Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, any user (regardless of their permissions) may be able to read files from the local file system due to a path traversal in the /hls endpoint. This issue may lead to Information Disclosure. As of time of publication, no patches are available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=2.4.3+ 1 more
- (no CPE)range: <=2.4.3
- (no CPE)range: <= 2.4.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.