WhiteSource Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Good to know:
Date: October 5, 2015
The Precious module in gollum before 4.0.1 allows remote attackers to read arbitrary files by leveraging the lack of a certain temporary-file check.
Weakness Type (CWE)
Information Leak / DisclosureCWE-200
Upgrade to version 4.0.1
|Access Vector (AV):||NETWORK|
|Access Complexity (AC):||MEDIUM|