Diffy
1 CVEs
product
Monthly
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft
Information Disclosure
Diffy
NVD
GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-33127
Ruby
EPSS 2%
CVSS 9.8
CRITICAL
PATCH
Act Now
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft
Information Disclosure
Diffy
NVD
GitHub