10 matches found
EUVD-2018-0804
Malware in sbrugna...
XML External Entity (XXE) vulnerability in Square Retrofit
Square Open Source Retrofit versions prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contain a XML External Entity XXE vulnerability in JAXB. An attacker could use this to remotely read files from the file system or to perform SSRF. This vulnerability appears to have been fixed in commit...
GHSA-J379-9JR9-W5CQ XML External Entity (XXE) vulnerability in Square Retrofit
Square Open Source Retrofit versions prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contain a XML External Entity XXE vulnerability in JAXB. An attacker could use this to remotely read files from the file system or to perform SSRF. This vulnerability appears to have been fixed in commit...
Directory Traversal vulnerability in Square Retrofit
Square Retrofit versions from including 2.0 to 2.5.0 excluding contain a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter. By manipulating the URL an attacker could add or delete resources otherwise unavailable to her. This attack appears to be exploitable via an...
GHSA-8P8G-F9VG-R7XR Directory Traversal vulnerability in Square Retrofit
Square Retrofit versions from including 2.0 to 2.5.0 excluding contain a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter. By manipulating the URL an attacker could add or delete resources otherwise unavailable to her. This attack appears to be exploitable via an...
CVE-2018-1000850
Square Retrofit version versions from including 2.0 and 2.5.0 excluding contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack...
CVE-2018-1000850
Square Retrofit version versions from including 2.0 and 2.5.0 excluding contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack...
Directory traversal
Square Retrofit version versions from including 2.0 and 2.5.0 excluding contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack...
CVE-2018-1000850
CVE-2018-1000850 pertains to Square Retrofit: versions from 2.0 up to 2.4.x (inclusive) contain a Directory Traversal vulnerability in RequestBuilder.addPathParameter. By manipulating an encoded path parameter on POST/PUT/DELETE requests, an attacker could potentially access or alter resources ou...
CVE-2018-1000850
Square Retrofit version versions from including 2.0 and 2.5.0 excluding contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack...