CVE-2016-0754

Опубликовано: 29 янв. 2016

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.

Ссылки

http://curl.haxx.se/docs/adv_20160127B.html
Vendor Advisory
http://curl.haxx.se/docs/adv_20160127B.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

Версия до 7.46.0 (включая)

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00351

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2016-0754

CVSS3: 5.3

ubuntu

около 10 лет назад

cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.

CVE-2016-0754

CVSS3: 5.3

debian

около 10 лет назад

cURL before 7.47.0 on Windows allows attackers to write to arbitrary f ...

GHSA-p8rx-wpgr-v4vx

CVSS3: 5.3

github

больше 3 лет назад

cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.

EPSS

Процентиль: 57%

0.00351

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20