{"uuid": "6248082d-09e5-42c5-be06-67ac73260b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25937", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8356", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-25937\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P)\n\ud83d\udd39 Description: Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in [CVE-2018-3715](https://security.snyk.io/vuln/npm:glance:20180129).\n\ud83d\udccf Published: 2023-02-13T05:00:01.128Z\n\ud83d\udccf Modified: 2025-03-21T14:52:00.741Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-GLANCE-3318395\n2. https://github.com/jarofghosts/glance/commit/8cecfe90286e0c45a5494067f1b592d0ccfeabac", "creation_timestamp": "2025-03-21T15:19:37.000000Z"}