CVE-2022-23793 is a vulnerability in Joomla
Published on March 30, 2022

[20220301] - Core - Zip Slip within the Tar extractor
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.

Vendor Advisory NVD

Products Associated with CVE-2022-23793

Want to know whenever a new CVE is published for Joomla? stack.watch will email you.

Joomla

Affected Versions

Joomla! Project Joomla! CMS:

Version 3.0.0-3.10.6 & 4.0.0-4.1.0 is affected.

Joomla! Project joomla/archive:

Version 1.0.0-1.1.11 & 2.0.0 is affected.

Exploit Probability

EPSS

0.05%

Percentile

14.98%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-23793 is a vulnerability in JoomlaPublished on March 30, 2022

Products Associated with CVE-2022-23793

Affected Versions

Exploit Probability

CVE-2022-23793 is a vulnerability in Joomla
Published on March 30, 2022