13Şub
CVE-2025-24889 | freedomofpress securedrop-client up to 0.14.0/1.0.0 autostart path traversal (GHSA-933q-fx9h-5g46)
A vulnerability, which was classified as critical, was found in freedomofpress securedrop-client up to 0.14.0/1.0.0. This affects an unknown part of the file /home/user/.config/autostart/. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2025-24889. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.