{
    "document": {
        "category": "csaf_vex",
        "csaf_version": "2.0",
        "distribution": {
            "tlp": {
                "label": "WHITE",
                "url": "https://www.first.org/tlp/v1/"
            }
        },
        "lang": "en",
        "publisher": {
            "category": "vendor",
            "contact_details": "mailto:security@intevation.de, encryption via OpenPGP: https://intevation.de/.well-known/openpgpkey/hu/t5s8ztdbon8yzntexy6oz5y48etqsnbb",
            "name": "Intevation GmbH",
            "namespace": "https://intevation.de"
        },
        "title": "Directory Traversal Issue in OpenSlides",
        "tracking": {
            "current_release_date": "2025-10-21T17:07:00.000Z",
            "id": "intevation-os-2025-0002",
            "initial_release_date": "2025-04-08T18:00:00.000Z",
            "revision_history": [
                {
                    "date": "2025-04-08T18:00:00.000Z",
                    "number": "1.0.0",
                    "summary": "Initial revision"
                },
                {
                    "date": "2025-04-08T19:00:00.000Z",
                    "number": "1.0.1",
                    "summary": "Fixed naming for version 4.2.5."
                },
                {
                    "date": "2025-05-05T12:59:00.000Z",
                    "number": "1.0.2",
                    "summary": "Status final after review."
                },
                {
                    "date": "2025-09-29T15:20:00.000Z",
                    "number": "2.0.0",
                    "summary": "Fix product version range syntax."
                },
                {
                    "date": "2025-10-21T17:07:00.000Z",
                    "number": "3.0.0",
                    "summary": "Fix product version range syntax and add the current OpenSlides release as a fixed product."
                }
            ],
            "status": "final",
            "version": "3.0.0"
        }
    },
    "product_tree": {
        "branches": [
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:intdot/<=4.2.4",
                                "product": {
                                    "name": "OpenSlides up to version 4.2.4",
                                    "product_id": "openslides-le-4.2.4"
                                }
                            },
                            {
                                "category": "product_version",
                                "name": "4.2.5",
                                "product": {
                                    "name": "OpenSlides version 4.2.5",
                                    "product_id": "openslides-e-4.2.5"
                                }
                            },
                            {
                                "category": "product_version",
                                "name": "4.2.23",
                                "product": {
                                    "name": "OpenSlides version 4.2.23",
                                    "product_id": "openslides-e-4.2.23"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "OpenSlides"
                    }
                ],
                "category": "vendor",
                "name": "Intevation GmbH"
            }
        ]
    },
    "vulnerabilities": [
        {
            "cve": "CVE-2025-30343",
            "notes": [
                {
                    "category": "summary",
                    "text": "Files can be uploaded to OpenSlides meetings and organized in folders. The interface allows users to download a ZIP archive that contains all files in a folder and its subfolders. If an attacker specifies the title of a file or folder as a relative or absolute path (e.g., ../../../etc/passwd), the ZIP archive generated for download converts that title into a path. Depending on the extraction tool used by the user, extracting the archive might overwrite local files outside of the chosen directory."
                }
            ],
            "product_status": {
                "known_affected": [
                    "openslides-le-4.2.4"
                ],
                "first_fixed": [
                    "openslides-e-4.2.5"
                ],
                "fixed": [
                    "openslides-e-4.2.5",
                    "openslides-e-4.2.23"
                ]
            },
            "remediations": [
                {
                    "category": "vendor_fix",
                    "date": "2025-03-19T12:00:00.000Z",
                    "details": "Update to the latest version of OpenSlides (at least version 4.2.5).",
                    "product_ids": [
                        "openslides-le-4.2.4"
                    ],
                    "url": "https://github.com/OpenSlides/OpenSlides/releases"
                }
            ]
        }
    ]
}
