Описание
Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \ (backslash) as a separator of path components within the Content-disposition HTTP header.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | |
| devel | ignored | |
| hardy | ignored | |
| karmic | ignored | |
| lucid | ignored | |
| maverick | ignored | |
| upstream | released | 7.21.2-1 |
Показывать по
5.8 Medium
CVSS2
Связанные уязвимости
Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \ (backslash) as a separator of path components within the Content-disposition HTTP header.
Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, w ...
Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \ (backslash) as a separator of path components within the Content-disposition HTTP header.
5.8 Medium
CVSS2