Back to search
CVE-2011-1589
Published: Apr 29, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://perlninja.posterous.com/sharks-in-the-water
x_refsource_MISC
DSA-2221
vendor-advisory
x_refsource_DEBIAN
http://search.cpan.org/CPAN/authors/id/K/KR/KRAIH/Mojolicious-1.16.tar.gz
x_refsource_CONFIRM
ADV-2011-1072
vdb-entry
x_refsource_VUPEN
https://github.com/kraih/mojo/issues/114
x_refsource_CONFIRM
[oss-security] 20110418 Re: CVE request: Mojolicious directory traversal vulnerability
mailing-list
x_refsource_MLIST
FEDORA-2011-5505
vendor-advisory
x_refsource_FEDORA
44359
third-party-advisory
x_refsource_SECUNIA
44051
third-party-advisory
x_refsource_SECUNIA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622952
x_refsource_CONFIRM
ADV-2011-1093
vdb-entry
x_refsource_VUPEN
71850
vdb-entry
x_refsource_OSVDB
[oss-security] 20110416 CVE request: Mojolicious directory traversal vulnerability
mailing-list
x_refsource_MLIST
47402
vdb-entry
x_refsource_BID
http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.16/Changes
x_refsource_CONFIRM
mojolicious-url-directory-traversal(66830)
vdb-entry
x_refsource_XF
[oss-security] 20110418 CVE request: Mojolicious
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=697229
x_refsource_CONFIRM
FEDORA-2011-5504
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now