Описание
URLs containing percent-encoded slashes (/ or \) can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 8.18.0 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| jammy | not-affected | code not present |
| noble | not-affected | code not present |
| plucky | ignored | end of life, was needed |
| questing | released | 8.14.1-2ubuntu1.1 |
| upstream | released | 8.17.0~rc3-1 |
Показывать по
EPSS
4.6 Medium
CVSS3
Связанные уязвимости
URLs containing percent-encoded slashes (`/` or `\`) can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool.
URLs containing percent-encoded slashes (`/` or `\`) can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool.
URLs containing percent-encoded slashes (`/` or `\`) can trick wcurl i ...
EPSS
4.6 Medium
CVSS3