Vulnerability in N/a

CVE-2024-36857

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface.

EPSS: 0.534 (98.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

References

github.com/HackAllSec/CVEs/tree/main/Jan AFR vulnerability