Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2018/10/17 4:20 p.m.7 views

be.fluid-it.reactive-microservice.bundle:bootique-vertx (>=0.1-0 <=0.1-8), be.fluid-it.reactive-microservice.bundle:reactive-microservice-bundle-core (>=0.1-0 <=0.1-8) +590 more potentially affected by CVE-2018-12542 via io.vertx:vertx-web (>=3.0.0 <=3.5.3.CR1)

io.vertx:vertx-web MAVEN version =3.0.0, =0.1-0, =0.1-0, =1.2.1, =3.0.5, =1.0.0, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.5 and more Source cves: CVE-2018-12542 Source advisory: OSV:GHSA-H39X-M55C-V55H...

9.8CVSS7.3AI score0.02286EPSS
Exploits1
OSV
OSV
added 2018/10/10 8:29 p.m.12 views

CVE-2018-12542

In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '' forward slashes sequences that can resolve to a location that is outside of that directory when...

9.8CVSS6.8AI score
Exploits0References3
Cvelist
Cvelist
added 2018/10/10 8:0 p.m.22 views

CVE-2018-12542

In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '' forward slashes sequences that can resolve to a location that is outside of that directory when...

9.5AI score0.02286EPSS
Exploits1References3
CVE
CVE
added 2018/10/10 8:0 p.m.82 views

CVE-2018-12542

In Eclipse Vert.x 3.0.0–3.5.3, the StaticHandler reads external input to form a pathname and fails to neutralize backslash sequences on Windows, allowing path traversal to locations outside the intended restricted directory. This CVE is documented with a high/critical impact (CVE-2018-12542) and ...

9.8CVSS9.3AI score0.02286EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder