CVE-2022-0072

Source
https://cve.org/CVERecord?id=CVE-2022-0072
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0072.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-0072
Published
2022-10-27T19:28:49.031Z
Modified
2026-07-15T02:01:03.174850101Z
Severity
  • 5.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS Calculator
Summary
Directory Traversal in OpenLiteSpeed Web Server
Details

Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/0xxx/CVE-2022-0072.json",
    "cwe_ids": [
        "CWE-22"
    ],
    "cna_assigner": "palo_alto"
}
References

Affected packages

Git / github.com/litespeedtech/openlitespeed

Affected ranges

Type
GIT
Repo
https://github.com/litespeedtech/openlitespeed
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:litespeedtech:openlitespeed:1.5.11:*:*:*:*:*:*:*",
        "cpe:2.3:a:litespeedtech:openlitespeed:1.5.12:*:*:*:*:*:*:*"
    ],
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "extracted_events": [
        {
            "introduced": "1.6.5"
        },
        {
            "last_affected": "1.6.20.1"
        },
        {
            "introduced": "1.7.0"
        },
        {
            "fixed": "1.7.16.1"
        },
        {
            "introduced": "1.5.11"
        },
        {
            "last_affected": "1.5.11"
        },
        {
            "introduced": "1.5.12"
        },
        {
            "last_affected": "1.5.12"
        }
    ]
}

Affected versions

1.*
1.5.11
1.5.12
v.*
v.1.7.11
v.1.7.11.1
v1.*
v1.5.11
v1.5.12
v1.6.10
v1.6.11
v1.6.12
v1.6.13
v1.6.14
v1.6.15
v1.6.16
v1.6.17
v1.6.18
v1.6.19
v1.6.20
v1.6.20.1
v1.6.5
v1.6.6
v1.6.8
v1.6.9
v1.7.0
v1.7.1
v1.7.10
v1.7.10.1
v1.7.10.2
v1.7.12
v1.7.12.1
v1.7.13
v1.7.13.1
v1.7.13.2
v1.7.14
v1.7.15
v1.7.15.2
v1.7.16
v1.7.2
v1.7.3
v1.7.4
v1.7.5
v1.7.6
v1.7.7
v1.7.8
v1.7.9
v1.7.9.1
v1.7.9.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0072.json"