Skip to main content

Asset Pipeline

2 CVEs product

Monthly

CVE-2018-1000817 Maven HIGH POC PATCH This Week

Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Path Traversal Asset Pipeline
NVD GitHub
CVSS 3.0
7.5
EPSS
2.5%
CVE-2018-17605 Maven HIGH PATCH This Week

An issue was discovered in the Asset Pipeline plugin before 3.0.4 for Grails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Asset Pipeline
NVD GitHub
CVSS 3.0
7.5
EPSS
2.2%
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Path Traversal Asset Pipeline
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in the Asset Pipeline plugin before 3.0.4 for Grails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Asset Pipeline
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy