Lucene search
Veracode Vulnerability DatabaseVERACODE:20734HistoryJul 08, 2019 - 2:37 p.m.
Directory Traversal
2019-07-0814:37:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
40.6%
The Dataset API in DKPro Core is vulnerable to directory traversal. Lack of validation of file names in core/api/datasets/internal/actions/Explode.java allows an attacker to overwrite arbitrary local files via a malicious archive.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dkpro core asl - datasets | le | 1.10.0 | |
| dkpro core asl - datasets | le | 1.10.0 |
References
Related
cvelist
cvelist
CVE-2019-11082
2019-05-10 15:39:46
github
github
Path Traversal in DKPro Core
2019-05-29 18:05:11
prion
prion
Directory traversal
2019-05-10 16:29:00
osv
osv
CVE-2019-11082
2019-05-10 16:29:01
Path Traversal in DKPro Core
2019-05-29 18:05:11
nvd
nvd
CVE-2019-11082
2019-05-10 16:29:01
cve
cve
CVE-2019-11082
2019-05-10 16:29:01