Описание
The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| radicale | not-affected | package |
EPSS
Процентиль: 80%
0.01377
Низкий
Связанные уязвимости
CVSS3: 10
ubuntu
около 10 лет назад
The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore.
CVSS3: 10
nvd
около 10 лет назад
The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore.
CVSS3: 10
github
больше 3 лет назад
Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend component
EPSS
Процентиль: 80%
0.01377
Низкий