CVE-2019-15714

2019-08-2811:45:43

mitre

www.cve.org

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.7%

JSON

cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations.

References

github.com/entropic-dev/entropic/issues/251