Lucene search

K

Grails-resources Security Vulnerabilities

cve
cve

CVE-2014-3626

The Grails Resource Plugin often has to exchange URIs for resources with other internal components. Those other components will decode any URI passed to them. To protect against directory traversal the Grails Resource Plugin did the following: normalized the URI, checked the normalized URI did not....

7.5CVSS

7.5AI Score

0.002EPSS

2018-03-19 01:29 PM
18
cve
cve

CVE-2014-2857

The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 does not properly restrict access to files in the META-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this issue was SPLIT from...

6AI Score

0.005EPSS

2014-04-15 11:55 PM
30
cve
cve

CVE-2014-2858

Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors related to a "configured block." NOTE: this issue was SPLIT from CVE-2014-0053 per ADT2 due to...

6AI Score

0.005EPSS

2014-04-15 11:55 PM
27
cve
cve

CVE-2014-0053

The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 before 2.3.6 does not properly restrict access to files in the WEB-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this identifier has been SPLIT...

6.1AI Score

0.005EPSS

2014-04-15 11:55 PM
26