Lucene search
K

3 matches found

vulnersOsv
vulnersOsv
added 2021/07/26 9:15 p.m.4 views

br.com.zup.beagle:beagle-micronaut-starter (>=1.1.0 <=2.1.0), com.bertramlabs.plugins:asset-pipeline-micronaut (>=3.0.7 <=4.3.0) +23 more potentially affected by CVE-2021-32769 via io.micronaut:micronaut-http-server-netty (>=1.0.1 <=2.5.8)

io.micronaut:micronaut-http-server-netty MAVEN version =1.0.1, =1.1.0, =3.0.7, =3.1.1, =0.99.0, =1.3.12, =0.1.0, =1.0.0, =3.0.1 - io.micronaut.example:micronaut-graphql-example-chat =1.4.0 - io.micronaut.example:micronaut-graphql-example-hello-world-groovy =1.4.0 -...

7.5CVSS7.1AI score0.01732EPSS
Exploits1
CVE
CVE
added 2021/07/16 6:25 p.m.86 views

CVE-2021-32769

Micronaut’s CVE-2021-32769 is a path-traversal vulnerability in versions before 2.5.9. Affected component is the Micronaut file/resource loader which allows access to filesystem paths via URL patterns like /../../ when not restricted to configured paths. Exploitation details are described across ...

7.5CVSS7.5AI score0.01732EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/07/16 6:25 p.m.22 views

CVE-2021-32769 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in micronaut-core

Micronaut is a JVM-based, full stack Java framework designed for building JVM applications. A path traversal vulnerability exists in versions prior to 2.5.9. With a basic configuration, it is possible to access any file from a filesystem, using "/../../" in the URL. This occurs because Micronaut...

7.5CVSS7.7AI score0.01732EPSS
Exploits1References2
Rows per page
Query Builder