CVE-2018-16478

2018-12-0414:00:00

CWE-22

hackerone

www.cve.org

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.7%

JSON

A Path Traversal in simplehttpserver versions <=0.2.1 allows to list any file in another folder of web root.

CNA Affected

[
  {
    "product": "simplehttpserver",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Not Fixed"
      }
    ]
  }
]

References

hackerone.com/reports/403703