5 matches found
CVE-2024-41765
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...
Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted
Summary Software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a...
CVE-2024-41765
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...
CVE-2024-41765
creationtimestamp| type| source ---|---|--- 2025-01-04 14:42:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113770603403534386 2025-01-04 15:15:35+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lewfitjb4o22 2025-01-04 17:16:05+00:00| seen|...
CVE-2024-41765 IBM Engineering Lifecycle Optimization - Publishing directory traversal
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...