Lucene search
GoogleOSV:CVE-2018-13864HistoryJul 17, 2018 - 12:29 p.m.
CVE-2018-13864
2018-07-1712:29:00
Google
osv.dev
2
A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. It allows a remote attacker to download arbitrary files from the target server via specially crafted HTTP requests.
| CPE | Name | Operator | Version |
|---|---|---|---|
| playframework | eq | 2.6.14 | |
| playframework | eq | 2.6.13 | |
| playframework | eq | 2.6.15 | |
| playframework | eq | 2.6.12 |
Related
cve
cve
CVE-2018-13864
2018-07-17 12:29:00
prion
prion
Directory traversal
2018-07-17 12:29:00
github
github
Play Framework's Assets controller vulnerable to directory traversal
2022-05-13 01:30:27
nvd
nvd
CVE-2018-13864
2018-07-17 12:29:00
osv
osv
Play Framework's Assets controller vulnerable to directory traversal
2022-05-13 01:30:27
cvelist
cvelist
CVE-2018-13864
2018-07-17 12:00:00
veracode
veracode
Directory Traversal
2018-07-17 06:16:03