Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-5269

Опубликовано: 04 сент. 2014
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:plack_project:plack:*:*:*:*:*:*:*:*
Версия до 1.0030 (включая)

EPSS

Процентиль: 64%
0.00462
Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2014-5269

ubuntu
больше 11 лет назад

Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static.

debian логотип

CVE-2014-5269

debian
больше 11 лет назад

Plack::App::File in Plack before 1.0031 removes trailing slash charact ...

github логотип

GHSA-vx87-xj55-ccgc

github
больше 3 лет назад

Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static.

EPSS

Процентиль: 64%
0.00462
Низкий

5 Medium

CVSS2

Дефекты

CWE-264