CVE-2025-24888 | freedomofpress securedrop-client up to 0.14.0 Source/Journalist Interface autostart safe_move path traversal (GHSA-6c3p-chq6-q3j2)

Çağlar Arlı - 6 Views

CVE-2025-24888 | freedomofpress securedrop-client up to 0.14.0 Source/Journalist Interface autostart safe_move path traversal (GHSA-6c3p-chq6-q3j2)

A vulnerability was found in freedomofpress securedrop-client up to 0.14.0. It has been rated as critical. This issue affects the function safe_move of the file /home/user/.config/autostart/ of the component Source/Journalist Interface. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2025-24888. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

P	S	Ç	P	C	C	P
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28

Annanowa

CVE-2025-24888 | freedomofpress securedrop-client up to 0.14.0 Source/Journalist Interface autostart safe_move path traversal (GHSA-6c3p-chq6-q3j2)

CVE-2025-24888 | freedomofpress securedrop-client up to 0.14.0 Source/Journalist Interface autostart safe_move path traversal (GHSA-6c3p-chq6-q3j2)

Son Yazılar

Son Yorumlar