1 results (0.004 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28380
https://notcve.org/view.php?id=CVE-2022-28380
The rc-httpd component through 2022-03-31 for 9front (Plan 9 fork) allows ..%2f directory traversal if serve-static is used. El componente rc-httpd versiones hasta 31-03-2022 para 9front (fork del Plan 9) permite un salto de directorio en ..%2f si es usado serve-static • https://desuarchive.org/g/thread/86286230 https://git.9front.org/plan9front/plan9front/241667b933ff5bacb9a3974f6877fb8aad78bed3/commit.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •