admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2019/14xxx/CVE-2019-14924.json

72 lines
2.4 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2019-08-10 19:00:49 +00:00
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available (the credential of the app, for instance)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/swisspol/GCDWebServer/issues/433",
"refsource": "MISC",
"name": "https://github.com/swisspol/GCDWebServer/issues/433"
},
{
"url": "https://github.com/swisspol/GCDWebServer/commit/02738433bf2e1b820ef48f04edd15df304081802",
"refsource": "MISC",
"name": "https://github.com/swisspol/GCDWebServer/commit/02738433bf2e1b820ef48f04edd15df304081802"
},
{
"url": "https://github.com/swisspol/GCDWebServer/compare/3.5.2...3.5.3",
"refsource": "MISC",
"name": "https://github.com/swisspol/GCDWebServer/compare/3.5.2...3.5.3"
}
]
}
}
Reference in New Issue Copy Permalink