Skip to main content

H20

1 CVEs product

Monthly

CVE-2015-5638 MEDIUM This Month

Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.dir directive is enabled, allows remote attackers to read arbitrary files via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal H20
NVD
CVSS 2.0
4.3
EPSS
0.2%
EPSS 0% CVSS 4.3
MEDIUM This Month

Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.dir directive is enabled, allows remote attackers to read arbitrary files via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal H20
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy