Skip to main content

CWE-57

Path Equivalence: 'fakedir/../realdir/filename'

1 CVEs Avg CVSS 4.3 MITRE
0
CRITICAL
0
HIGH
1
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2024-34995 MEDIUM This Month

svnWebUI v1.8.3 was discovered to contain an arbitrary file deletion vulnerability via the dirTemps parameter under com.cym.controller.UserController#importOver. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
EPSS 0% CVSS 4.3
MEDIUM This Month

svnWebUI v1.8.3 was discovered to contain an arbitrary file deletion vulnerability via the dirTemps parameter under com.cym.controller.UserController#importOver. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy