2 matches found
CVE-2018-20684
In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sent by the server, potentially overwriting unrelated files. This affects TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp...
CVE-2018-20684
CVE-2018-20684 affects WinSCP prior to 5.14 beta where the SCP implementation lacks proper validation, allowing the server to send files that could overwrite unrelated ones via TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp. Documents confirm the vulnerability in the WinSCP SCP path, with CVSS...