Lucene search
GitHub_MCVELIST:CVE-2020-15230HistoryOct 02, 2020 - 6:55 p.m.
CVE-2020-15230 Arbitrary file read un Vapor
2020-10-0218:55:14
CWE-22
GitHub_M
www.cve.org
4
vapor
web framework
file read
CVSS3
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
44.4%
Vapor is a web framework for Swift. In Vapor before version 4.29.4, Attackers can access data at arbitrary filesystem paths on the same host as an application. Only applications using FileMiddleware are affected. This is fixed in version 4.29.4.
CNA Affected
[
{
"product": "vapor",
"vendor": "vapor",
"versions": [
{
"status": "affected",
"version": "< 4.29.4"
}
]
}
]Related
osv
osv
Arbitrary file read using percent-encoded relative paths in FileMiddleware
2023-06-09 19:31:32
CVE-2020-15230
2020-10-02 19:15:12
github
github
Arbitrary file read using percent-encoded relative paths in FileMiddleware
2023-06-09 19:31:32
nvd
nvd
CVE-2020-15230
2020-10-02 19:15:12
prion
prion
Design/Logic Flaw
2020-10-02 19:15:00
gitlab
gitlab
Arbitrary file read using percent-encoded relative paths in FileMiddleware
2023-06-09 00:00:00
cve
cve
CVE-2020-15230
2020-10-02 19:15:12
CVSS3
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
44.4%
Related for CVELIST:CVE-2020-15230