CVE-2018-11789

2019-03-2116:00:12

Google

osv.dev

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

28.0%

JSON

When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. Example woule be modifying the parameter path= to go to the directory you would like to view. i.e. …%2F…%2F…%2F…%2F…%2F…%2Fetc%2Fpasswd.