admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-08-10 19:00:49 +00:00
parent 91155db555
commit c9eceb0460
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
1 changed files with 72 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
2019/14xxx/CVE-2019-14924.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available (the credential of the app, for instance)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/swisspol/GCDWebServer/issues/433",
"refsource": "MISC",
"name": "https://github.com/swisspol/GCDWebServer/issues/433"
},
{
"url": "https://github.com/swisspol/GCDWebServer/commit/02738433bf2e1b820ef48f04edd15df304081802",
"refsource": "MISC",
"name": "https://github.com/swisspol/GCDWebServer/commit/02738433bf2e1b820ef48f04edd15df304081802"
},
{
"url": "https://github.com/swisspol/GCDWebServer/compare/3.5.2...3.5.3",
"refsource": "MISC",
"name": "https://github.com/swisspol/GCDWebServer/compare/3.5.2...3.5.3"
}
]
}
}