Lucene search
GoogleOSV:CVE-2019-17572HistoryMay 14, 2020 - 5:15 p.m.
CVE-2019-17572
2020-05-1417:15:11
Google
osv.dev
2
In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like “…/…/…/…/topic2020” is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. Users of the affected versions should apply one of the following: Upgrade to Apache RocketMQ 4.6.1 or later.
Related
cve
cve
CVE-2019-17572
2020-05-14 17:15:11
veracode
veracode
Directory Traversal
2020-05-15 05:01:00
prion
prion
Directory traversal
2020-05-14 17:15:00
github
github
Directory traversal in Apache RocketMQ
2020-07-01 17:26:15
cvelist
cvelist
CVE-2019-17572
2020-05-14 16:10:48
nvd
nvd
CVE-2019-17572
2020-05-14 17:15:11
osv
osv
Directory traversal in Apache RocketMQ
2020-07-01 17:26:15
nessus
nessus
Apache RocketMQ 4.2.0 < 4.6.1 Directory Traversal (CVE-2023-37582)
2023-11-10 00:00:00