Lucene search
GoogleOSV:CVE-2020-7758HistoryNov 02, 2020 - 10:15 p.m.
CVE-2020-7758
2020-11-0222:15:13
Google
osv.dev
5
This affects versions of package browserless-chrome before 1.40.2-chrome-stable. User input flowing from the workspace endpoint gets used to create a file path filePath and this is fetched and then sent back to a user. This can be escaped to fetch arbitrary files from a server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| browserless | eq | 1.12.0 | |
| browserless | eq | 1.29.0 | |
| browserless | eq | 1.29.1 | |
| browserless | eq | 1.3.0 | |
| browserless | eq | 1.21.0 | |
| browserless | eq | 1.24.0 | |
| browserless | eq | 1.25.0 | |
| browserless | eq | 1.10.0 | |
| browserless | eq | 1.8.0 | |
| browserless | eq | 1.19.0 |
Related
cvelist
cvelist
CVE-2020-7758 Path Traversal
2020-11-02 00:00:00
prion
prion
Path traversal
2020-11-02 22:15:00
github
github
Path Traversal in browserless-chrome
2021-05-10 18:46:48
cve
cve
CVE-2020-7758
2020-11-02 22:15:13
osv
osv
Path Traversal in browserless-chrome
2021-05-10 18:46:48
nvd
nvd
CVE-2020-7758
2020-11-02 22:15:13