A vulnerability was found in drogatkin TJWS2. It has been declared as critical. Affected by this vulnerability is the function deployWar of the file 1.x/src/rogatkin/web/WarRoller.java. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is 1bac15c496ec54efe21ad7fab4e17633778582fc. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216187.
[
{
"id": "CVE-2022-4594-aad00b84",
"target": {
"file": "1.x/src/rogatkin/web/WarRoller.java"
},
"signature_version": "v1",
"source": "https://github.com/drogatkin/tjws2/commit/1bac15c496ec54efe21ad7fab4e17633778582fc",
"signature_type": "Line",
"digest": {
"line_hashes": [
"328061665776794597130301823361199294319",
"213781147036017673915624787530271011145",
"177796164839171755714222910602738477686",
"81908112164739590840909524155259851099"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2022-4594-bb0a9505",
"target": {
"function": "deployWar",
"file": "1.x/src/rogatkin/web/WarRoller.java"
},
"signature_version": "v1",
"source": "https://github.com/drogatkin/tjws2/commit/1bac15c496ec54efe21ad7fab4e17633778582fc",
"signature_type": "Function",
"digest": {
"function_hash": "12433790911899577352291919858434873753",
"length": 2123.0
},
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-4594.json"
"2026-04-11T23:22:40Z"
[
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2022-05-24"
}
]
}
]