5 matches found
CVE-2019-12138
MacDown 0.7.1 allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note...
Remote code execution
MacDown 0.7.1 870 allows remote code execution via a file:\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138...
CVE-2019-12138
creationtimestamp| type| source ---|---|--- 2019-05-17 23:47:09+00:00| seen| https://t.me/cvemitreorg/73...
CVE-2019-12138
MacDown 0.7.1 is affected by CVE-2019-12138, which allows directory traversal leading to execution of arbitrary programs via a file:/// or ../ substring in a shared note. Red Hat notes remote/code execution potential via a file:\ URI with a .app pathname in an A element’s HREF (distinct from CVE-...
CVE-2019-12138
MacDown 0.7.1 allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note...