4 matches found
EUVD-2022-3922
Malicious code in bioql PyPI...
EUVD-2022-5517
Malicious code in bioql PyPI...
Asset Pipeline plugin for Grails vulnerable to Path Traversal
An issue was discovered in the Asset Pipeline plugin before 3.0.4 for Grails. An attacker can perform directory traversal via a crafted request when a servlet-based application is executed in Jetty, because there is a classloader vulnerability that can allow a reverse file traversal route in...
CVE-2018-17605
CVE-2018-17605 affects the Asset Pipeline plugin for Grails (versions before 3.0.4). A directory traversal flaw exists when a servlet-based application runs in Jetty, due to a classloader vulnerability that enables a reverse file traversal path via AssetPipelineFilter.groovy or AssetPipelineFilte...