CVE-2025-8343

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-8343
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8343.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-8343
Published
2025-07-31T01:15:25.860Z
Modified
2026-04-10T05:39:02.396956Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was found in openviglet shio up to 0.3.8. It has been rated as critical. This issue affects the function shStaticFilePreUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument fileName leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

References

Affected packages

Git / github.com/openviglet/shio

Affected ranges

Type
GIT
Repo
https://github.com/openviglet/shio
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
870790aaecb11aa0bc074ee2181c20215bc7f0f9
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.3.8"
        }
    ]
}

Affected versions

v0.*
v0.3.8

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8343.json"