Lucene search
GoogleOSV:GHSA-G86W-V5VG-9GXFHistoryJun 05, 2020 - 4:11 p.m.
Directory traversal attack in Spring Cloud Config
2020-06-0516:11:36
Google
osv.dev
14
EPSS
0.004
Percentile
72.6%
Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.
Related
cvelist
cvelist
CVE-2020-5405 Directory Traversal with spring-cloud-config-server
2020-03-05 19:00:19
osv
osv
CVE-2020-5405
2020-03-05 19:15:11
github
github
Directory traversal attack in Spring Cloud Config
2020-06-05 16:11:36
nvd
nvd
CVE-2020-5405
2020-03-05 19:15:11
cve
cve
CVE-2020-5405
2020-03-05 19:15:11
redhatcve
redhatcve
CVE-2020-5405
2020-04-24 22:33:39
veracode
veracode
Directory Traversal
2020-03-06 03:25:21
nuclei
nuclei
Spring Cloud Config - Local File Inclusion
2020-07-06 16:22:18
prion
prion
Directory traversal
2020-03-05 19:15:00
ibm
ibm
openvas
openvas
Generic HTTP Directory Traversal (Web Dirs) - Active Check
2021-07-22 00:00:00