Количество 3
Количество 3
CVE-2015-3309
Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.2 through 1.5.4 allows remote attackers to read arbitrary files with permissions of the user running the service via a .. (dot dot) in the path parameter of HTTP API requests. NOTE: This vulnerability is due to an incomplete fix to CVE-2015-3297.
CVE-2015-3309
Directory traversal vulnerability in node/utils/Minify.js in Etherpad ...
GHSA-fpgg-qjcj-58g7
Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.2 through 1.5.4 allows remote attackers to read arbitrary files with permissions of the user running the service via a .. (dot dot) in the path parameter of HTTP API requests. NOTE: This vulnerability is due to an incomplete fix to CVE-2015-3297.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-3309 Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.2 through 1.5.4 allows remote attackers to read arbitrary files with permissions of the user running the service via a .. (dot dot) in the path parameter of HTTP API requests. NOTE: This vulnerability is due to an incomplete fix to CVE-2015-3297. | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
| CVE-2015-3309 Directory traversal vulnerability in node/utils/Minify.js in Etherpad ... | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
| GHSA-fpgg-qjcj-58g7 Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.2 through 1.5.4 allows remote attackers to read arbitrary files with permissions of the user running the service via a .. (dot dot) in the path parameter of HTTP API requests. NOTE: This vulnerability is due to an incomplete fix to CVE-2015-3297. | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу