6 matches found
MKdocs 1.2.2 - Directory Traversal
The MKdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain sensitive information. Note the vendor has disputed the vulnerability see references because the dev server must be used in an unsafe way namely public to have this...
Linux Distros Unpatched Vulnerability : CVE-2021-40978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the...
mkdocs-protobuf (>=0.0.1 <=0.0.8), mkdocs-semos-plugin (>=0.1.1 <=0.1.3) +1 more potentially affected by CVE-2021-40978 via mkdocs (=1.2.2)
mkdocs PYPI version =1.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on mkdocs and may be impacted: - mkdocs-protobuf =0.0.1, =0.1.1, =0.1.1, =0.1.5 Source cves: CVE-2021-40978 Source advisory: OSV:GHSA-QH9Q-34H6-HCV9...
CVE-2021-40978
The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601. and https://github.com/nisdn/CVE-2021-40978/issues/1...
CVE-2021-40978
The CVE-2021-40978 issue affects MkDocs 1.2.2 with its built-in dev-server, where directory traversal is possible on port 8000, allowing remote disclosure of sensitive information. Some sources note vendor dispute and that exploitation requires unsafe use (e.g., public exposure). The Nuclei templ...
Exploit for Path Traversal in Mkdocs
CVE-2021-40978 mkdocs built-in dev-server directory traversal...