CVE-2018-12036

High

OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal…

mitre·CWE-22·Published 2018-06-07

CVSS

7.8

EPSS

0.02

KEV

Exploits

cve.orgen

144 chars

OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.

NVDen

144 chars

OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.

OSV.deven

144 chars

OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.

GHSAen

144 chars

OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.

NVDes

200 chars

OWASP Dependency-Check en versiones anteriores a la 3.2.0 permite que los atacantes escriban en archivos arbitrarios mediante un archivo manipulado que tiene nombres de archivo de salto de directorio.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H