Asset-pipeline Security Vulnerabilities and Issues — Asset-pipeline CVE List

Lucene search

Asset Pipeline ProjectAsset-pipeline

1 matches found

CVE•added 2018/12/20 3:29 p.m.•37 views

CVE-2018-1000817

Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in Download .class files and any arbitrary file. This attack appear to be exploitable via Specially craf...

7.5CVSS7.5AI score0.00431EPSS