Merge pull request #512 from telerik/dess-cvss-updates

peshito7 · web-flow · commit 6ea7dc09e20b · 2025-02-12T18:13:25.000+02:00
Update kb-security-path-traversal-cve-2024-11343.md
diff --git a/knowledge-base/kb-security-path-traversal-cve-2024-11343.md b/knowledge-base/kb-security-path-traversal-cve-2024-11343.md
@@ -38,6 +38,6 @@ All customers who have a Telerik license can access the downloads here [Product
 
 [CVE-2024-11343](https://www.cve.org/CVERecord?id=CVE-2024-11343) (HIGH)
 
-**CVSS:** 7.3
+**CVSS:** 8.3
 
-In Progress® Telerik® Document Processing, versions prior to 2025 Q1 (2025.1.2xx), improper limitation of a target path can lead to decompressing an archive's content into a restricted directory.
+In Progress® Telerik® Document Processing, versions prior to 2025 Q1 (2025.1.2xx), improper limitation of a target path can lead to decompressing an archive's content into a restricted directory.
diff --git a/knowledge-base/kb-security-rtf-filecontent-export-cve-2024-11629.md b/knowledge-base/kb-security-rtf-filecontent-export-cve-2024-11629.md
@@ -38,6 +38,6 @@ All customers who have a Telerik license can access the downloads here [Product
 
 [CVE-2024-11629](https://www.cve.org/CVERecord?id=CVE-2024-11629) (HIGH)
 
-**CVSS:** 7.3
+**CVSS:** 7.1
 
 In Progress Telerik Document Processing Libraries, versions prior to 2025 Q1 (2025.1.2xx), using .NET Standard 2.0, the contents of a file at an arbitrary path can be exported to RTF.
