Описание
Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 allows remote attackers to read arbitrary files via ".." sequences in unspecified vectors.
Ссылки
- Patch
- Patch
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cherrypy:cherrypy:0.1:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.2:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.3:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.4:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.5:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.6:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.7:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.8:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.8_beta:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.9:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.9_beta:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.9_gamma:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.9_rc1:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.10:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.10_beta:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:0.10_rc1:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:2.0.0a1:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:2.1.0_beta:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:2.1.0_rc1:*:*:*:*:*:*:*
cpe:2.3:a:cherrypy:cherrypy:2.1.0_rc2:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00848
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
больше 19 лет назад
Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 allows remote attackers to read arbitrary files via ".." sequences in unspecified vectors.
debian
больше 19 лет назад
Directory traversal vulnerability in the staticfilter component in Che ...
EPSS
Процентиль: 74%
0.00848
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other