{"id":"PYSEC-2022-286","details":"Unrestricted Upload of File with Dangerous Type in GitHub repository octoprint/octoprint prior to 1.8.3.","aliases":["CVE-2022-2872","GHSA-49wm-4fp6-h59c"],"modified":"2023-11-08T04:09:05.118788Z","published":"2022-09-21T10:15:00Z","references":[{"type":"FIX","url":"https://github.com/octoprint/octoprint/commit/3e3c11811e216fb371a33e28412df83f9701e5b0"},{"type":"WEB","url":"https://huntr.dev/bounties/b966c74d-6f3f-49fe-b40a-eaf25e362c56"}],"affected":[{"package":{"name":"octoprint","ecosystem":"PyPI","purl":"pkg:pypi/octoprint"},"ranges":[{"type":"GIT","repo":"https://github.com/octoprint/octoprint","events":[{"introduced":"0"},{"fixed":"3e3c11811e216fb371a33e28412df83f9701e5b0"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.3"}]}],"versions":["1.3.11","1.3.12","1.3.12rc1","1.3.12rc3","1.4.0","1.4.0rc1","1.4.0rc2","1.4.0rc3","1.4.0rc4","1.4.0rc5","1.4.0rc6","1.4.1","1.4.1rc1","1.4.1rc2","1.4.1rc3","1.4.1rc4","1.4.2","1.5.0","1.5.0rc1","1.5.0rc2","1.5.0rc3","1.5.1","1.5.2","1.5.3","1.6.0","1.6.0rc1","1.6.0rc2","1.6.0rc3","1.6.1","1.7.0","1.7.0rc1","1.7.0rc2","1.7.0rc3","1.7.1","1.7.2","1.7.3","1.8.0","1.8.0rc1","1.8.0rc2","1.8.0rc3","1.8.0rc4","1.8.0rc5","1.8.1","1.8.2"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/octoprint/PYSEC-2022-286.yaml"}}],"schema_version":"1.7.3"}