2 matches found
CVE-2018-8909
The Wire application before 2018-03-07 for Android allows attackers to write to pathnames outside of the downloads directory via a ../ in a filename of a received file, related to AssetService.scala...
Security Bulletin: IBM Security Guardium is affected by Using Components with Known Vulnerabilities [CVE-2018-8909, CVE-2021-41100 and CVE-2021-41119]
Summary IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID:CVE-2018-8909 DESCRIPTION: Wire App for Android could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../...