Lucene search
K

8 matches found

Github Security Blog
Github Security Blog
added 2018/07/23 8:45 p.m.19 views

Directory Traversal in utahcityfinder

Affected versions of utahcityfinder resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

7.5CVSS7.1AI score0.02005EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2018/07/23 8:45 p.m.26 views

GHSA-68CM-MGV7-VG5C Directory Traversal in utahcityfinder

Affected versions of utahcityfinder resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

7.5CVSS7.4AI score0.02005EPSS
Exploits1References4
CNVD
CNVD
added 2018/06/21 12:0 a.m.3 views

utahcityfinder Path Traversal Vulnerability

utahcityfinder is a package for building a list of Utah cities. A directory traversal vulnerability exists in utahcityfinder. An attacker could gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

7.5CVSS7.6AI score0.02005EPSS
Exploits1References1
NVD
NVD
added 2018/06/07 2:29 a.m.13 views

CVE-2017-16173

utahcityfinder constructs lists of Utah cities with a certain prefix. utahcityfinder is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS7.5AI score0.02005EPSS
Exploits1References2
OSV
OSV
added 2018/06/07 2:29 a.m.2 views

CVE-2017-16173

utahcityfinder constructs lists of Utah cities with a certain prefix. utahcityfinder is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS5.8AI score0.02005EPSS
Exploits1References2
CVE
CVE
added 2018/06/07 2:0 a.m.53 views

CVE-2017-16173

CVE-2017-16173 affects utahcityfinder, a package for listing Utah cities. A directory traversal vulnerability arises when a URL containing ../ sequences is processed, allowing an attacker to access filesystem paths outside the intended directory root. Multiple sources (GHSA, OSV, CNVD, CNVD-relat...

7.5CVSS7.4AI score0.02005EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/06/07 2:0 a.m.15 views

CVE-2017-16173

utahcityfinder constructs lists of Utah cities with a certain prefix. utahcityfinder is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.4AI score0.02005EPSS
Exploits1References2
Node.js
Node.js
added 2017/07/19 4:26 p.m.40 views

Directory Traversal

Overview Affected versions of utahcityfinder resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...

5CVSS4.3AI score0.02005EPSS
Exploits1Affected Software1
Rows per page
Query Builder