Lucene search
K

51 matches found

NVD
NVD
added 2014/04/15 11:55 p.m.28 views

CVE-2014-2858

Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors related to a "configured block." NOTE: this issue was SPLIT from CVE-2014-0053 per ADT2 due to...

5CVSS5.9AI score0.03017EPSS
Exploits0References3
NVD
NVD
added 2014/04/15 11:55 p.m.22 views

CVE-2014-2857

The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 does not properly restrict access to files in the META-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this issue was SPLIT from...

5CVSS5.8AI score0.01354EPSS
Exploits0References3
Prion
Prion
added 2014/04/15 11:55 p.m.27 views

Directory traversal

The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 before 2.3.6 does not properly restrict access to files in the WEB-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this identifier has been SPLIT...

5CVSS6.4AI score0.03017EPSS
Exploits0References8Affected Software2
Prion
Prion
added 2014/04/15 11:55 p.m.31 views

Default configuration

The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 does not properly restrict access to files in the META-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this issue was SPLIT from...

5CVSS6.3AI score0.01979EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2014/04/15 11:55 p.m.20 views

Directory traversal

Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors related to a "configured block." NOTE: this issue was SPLIT from CVE-2014-0053 per ADT2 due to...

5CVSS6.3AI score0.03017EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2014/04/15 6:0 p.m.27 views

CVE-2014-0053

The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 before 2.3.6 does not properly restrict access to files in the WEB-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this identifier has been SPLIT...

5.9AI score0.01979EPSS
Exploits0References8
CVE
CVE
added 2014/04/15 6:0 p.m.72 views

CVE-2014-0053

CVE-2014-0053 affects Grails Resources plugin (versions 1.0.0–1.2.5) used with Grails 2.0.0–2.3.6. The default configuration fails to restrict access to files under /WEB-INF (and, per related entries, /META-INF) by default, enabling information disclosure via direct requests. The root cause inclu...

5CVSS6.1AI score0.01979EPSS
Exploits0References8Affected Software2
Cvelist
Cvelist
added 2014/04/15 6:0 p.m.21 views

CVE-2014-2857

The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 does not properly restrict access to files in the META-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this issue was SPLIT from...

5.8AI score0.01354EPSS
Exploits0References3
CVE
CVE
added 2014/04/15 6:0 p.m.54 views

CVE-2014-2858

CVE-2014-2858 describes a directory traversal in the Grails Resources plugin (version 1.0.0 up to 1.2.5) for Grails 2.0.0–2.3.6. The issue allows remote attackers to obtain sensitive information via unspecified vectors related to a configured block (directory traversal bypass). Root cause: improp...

5CVSS6AI score0.03017EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2014/04/15 6:0 p.m.22 views

CVE-2014-2858

Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors related to a "configured block." NOTE: this issue was SPLIT from CVE-2014-0053 per ADT2 due to...

5.9AI score0.03017EPSS
Exploits0References3
CVE
CVE
added 2014/04/15 6:0 p.m.61 views

CVE-2014-2857

The CVE refers to the Grails Resources plugin (versions 1.0.0–1.2.5) used with Grails 2.0.0–2.3.6. Root cause: by default, the plugin does not restrict access to /WEB-INF or /META-INF, enabling information disclosure via direct requests. Affected configurations include the default setup; the issu...

5CVSS6AI score0.01354EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder