2 matches found
CVE-2018-1316
The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was...
CVE-2018-1316
CVE-2018-1316 concerns the Apache ODE process deployment web service, which was vulnerable to directory traversal via a forged deployment name. The root cause was using a path for the deployment name, allowing traversal with .. in a request parameter, leading to potential writes to unintended loc...