{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-04-15T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://perlninja.posterous.com/sharks-in-the-water"}, {"name": "DSA-2221", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2221"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://search.cpan.org/CPAN/authors/id/K/KR/KRAIH/Mojolicious-1.16.tar.gz"}, {"name": "ADV-2011-1072", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/1072"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kraih/mojo/issues/114"}, {"name": "[oss-security] 20110418 Re: CVE request: Mojolicious directory traversal vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/04/18/7"}, {"name": "FEDORA-2011-5505", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058891.html"}, {"name": "44359", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/44359"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kraih/mojo/commit/b09854988c5b5b6a2ba53cc8661c4b2677da3818"}, {"name": "44051", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/44051"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622952"}, {"name": "ADV-2011-1093", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/1093"}, {"name": "71850", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/71850"}, {"name": "[oss-security] 20110416 CVE request: Mojolicious directory traversal vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/04/17/1"}, {"name": "47402", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/47402"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.16/Changes"}, {"name": "mojolicious-url-directory-traversal(66830)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66830"}, {"name": "[oss-security] 20110418 CVE request: Mojolicious", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/04/18/3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=697229"}, {"name": "FEDORA-2011-5504", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058885.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:28:41.971Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://perlninja.posterous.com/sharks-in-the-water"}, {"name": "DSA-2221", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2221"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://search.cpan.org/CPAN/authors/id/K/KR/KRAIH/Mojolicious-1.16.tar.gz"}, {"name": "ADV-2011-1072", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/1072"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/kraih/mojo/issues/114"}, {"name": "[oss-security] 20110418 Re: CVE request: Mojolicious directory traversal vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/04/18/7"}, {"name": "FEDORA-2011-5505", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058891.html"}, {"name": "44359", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/44359"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/kraih/mojo/commit/b09854988c5b5b6a2ba53cc8661c4b2677da3818"}, {"name": "44051", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/44051"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622952"}, {"name": "ADV-2011-1093", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/1093"}, {"name": "71850", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/71850"}, {"name": "[oss-security] 20110416 CVE request: Mojolicious directory traversal vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/04/17/1"}, {"name": "47402", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/47402"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.16/Changes"}, {"name": "mojolicious-url-directory-traversal(66830)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66830"}, {"name": "[oss-security] 20110418 CVE request: Mojolicious", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/04/18/3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=697229"}, {"name": "FEDORA-2011-5504", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058885.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1589", "datePublished": "2011-04-29T22:00:00", "dateReserved": "2011-04-05T00:00:00", "dateUpdated": "2024-08-06T22:28:41.971Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "083A2DA9-38BB-4AF8-9FF0-41101E830A0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C2C11EC7-D91E-4F65-9C8A-801C724EDBBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "BC33620B-2B78-4221-8067-15E8BC56865A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "69AC00B5-717B-4F7F-AD25-9754BEFD7221", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "F2E2469A-BE25-4D18-8E7D-F709DCB86FCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "02BB8742-9D5C-4831-BD2F-A24505B8E4C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "82CA1476-123D-44D5-A1E8-D9C58F6D9949", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "479781F2-9614-4552-AE39-12AC41ABB3AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "78D1279D-333D-4338-B4ED-07BB1900FB0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "0D21184D-8823-4162-961D-8A7856557786", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "538FC292-B6BF-4551-AE44-259E0B61B680", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "574F7A7C-3986-401D-A58F-6C8F7D922002", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "BDACD094-8117-460E-B7D1-E63EC00B97A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8006:*:*:*:*:*:*:*", "matchCriteriaId": "6965DAA1-FDD8-484B-873A-F6D13227FAD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8007:*:*:*:*:*:*:*", "matchCriteriaId": "9865E142-BB29-4718-BD85-F40E185BF31E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8008:*:*:*:*:*:*:*", "matchCriteriaId": "9F667C15-3C89-49CD-800D-303A2677FC36", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.8009:*:*:*:*:*:*:*", "matchCriteriaId": "8B301544-A38F-417C-BB94-E7711F8ED7C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.9001:*:*:*:*:*:*:*", "matchCriteriaId": "ADEBDEB2-3070-4633-A934-DDF49CBD10C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.9002:*:*:*:*:*:*:*", "matchCriteriaId": "5875A25D-CC0E-43CF-B617-CEA99C65A52A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991231:*:*:*:*:*:*:*", "matchCriteriaId": "D8C04B9B-DEA3-4161-8E6C-BBBBE9AF5444", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991232:*:*:*:*:*:*:*", "matchCriteriaId": "EE5F9699-7B1B-4356-B0EB-C942888AFEE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991233:*:*:*:*:*:*:*", "matchCriteriaId": "A041B8EB-AD9E-452B-9A2E-22DBCD5CB091", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991234:*:*:*:*:*:*:*", "matchCriteriaId": "4BE7A136-3975-400A-AB77-4BCD4669553A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991235:*:*:*:*:*:*:*", "matchCriteriaId": "FE628F19-D7C9-4E6D-BDC4-5C82CDE540E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991236:*:*:*:*:*:*:*", "matchCriteriaId": "26803A52-EAEC-4CD6-BB89-F1EF40B3021F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991237:*:*:*:*:*:*:*", "matchCriteriaId": "B7BC4454-3168-420B-9136-21FD18571526", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991238:*:*:*:*:*:*:*", "matchCriteriaId": "A346280F-BA80-4FBA-BD15-6CA7A1ED8D8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991239:*:*:*:*:*:*:*", "matchCriteriaId": "B0376F10-8493-498D-9B5D-76AFE0F4417A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991240:*:*:*:*:*:*:*", "matchCriteriaId": "69293BBF-7788-4462-AA6F-9D3A084D1B3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991241:*:*:*:*:*:*:*", "matchCriteriaId": "31F30FA3-69EC-45B3-8AF5-852DB73756A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991242:*:*:*:*:*:*:*", "matchCriteriaId": "B88557E4-C793-4F6A-A3AE-07799B212ECB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991243:*:*:*:*:*:*:*", "matchCriteriaId": "8F88C231-60FE-42F3-87E9-23E88ADC7650", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991244:*:*:*:*:*:*:*", "matchCriteriaId": "BD65F43C-98A9-46A1-BCC4-79ACB5F5C6B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991245:*:*:*:*:*:*:*", "matchCriteriaId": "B0A9F1C7-1C0A-42B1-91D3-676E03E64BB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991246:*:*:*:*:*:*:*", "matchCriteriaId": "A886B4DC-30E9-4C41-A79A-96F309F343F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991250:*:*:*:*:*:*:*", "matchCriteriaId": "C28AEC3C-20F0-4BFB-B7B6-30336C631400", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.991251:*:*:*:*:*:*:*", "matchCriteriaId": "7D0521BF-A66D-4663-83C6-49E650454ED5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999901:*:*:*:*:*:*:*", "matchCriteriaId": "2C95BB3D-774C-4C71-9A3A-15938BA5CF6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999902:*:*:*:*:*:*:*", "matchCriteriaId": "B583B413-4B8E-4FA3-9CD1-A650CEAB9449", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999903:*:*:*:*:*:*:*", "matchCriteriaId": "CDC7A6F1-BD38-4119-B5A7-56A50EC6C9C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999904:*:*:*:*:*:*:*", "matchCriteriaId": "2DEFF843-57F4-4553-ABD3-7269A32A6DE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999905:*:*:*:*:*:*:*", "matchCriteriaId": "E8A7C4E6-5E3E-43CB-8F54-4AA5563EA98C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999906:*:*:*:*:*:*:*", "matchCriteriaId": "C6CB9879-D8B4-45CA-BF63-D4681C403818", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999907:*:*:*:*:*:*:*", "matchCriteriaId": "66EE203A-CFB1-4317-879D-E6A44F063F66", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999908:*:*:*:*:*:*:*", "matchCriteriaId": "F7978FDA-7622-4041-BE9E-28F99A1FB16E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999909:*:*:*:*:*:*:*", "matchCriteriaId": "B0975B5B-5409-42F5-A50F-644A80F3E5F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999910:*:*:*:*:*:*:*", "matchCriteriaId": "69AB9069-49F9-43B5-9F0F-04BBB145FD7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999911:*:*:*:*:*:*:*", "matchCriteriaId": "77CA7A3A-254D-4154-8AFB-FA7BC4EB286A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999912:*:*:*:*:*:*:*", "matchCriteriaId": "0FA8D9CE-BD9E-4BD2-B38C-909CCE0D3842", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999913:*:*:*:*:*:*:*", "matchCriteriaId": "6DABFC81-F44C-46AB-B9CD-D35624F5071A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999914:*:*:*:*:*:*:*", "matchCriteriaId": "DE8BDB83-641B-4858-B00A-EEFC9F583050", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999920:*:*:*:*:*:*:*", "matchCriteriaId": "D010713B-DE3E-4E76-8299-FF50D19ADA45", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999921:*:*:*:*:*:*:*", "matchCriteriaId": "92B83ECE-5D7C-417D-9957-976ECE8E2308", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999922:*:*:*:*:*:*:*", "matchCriteriaId": "59E2E6AF-11DD-4C51-A84F-129D160ACAFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999923:*:*:*:*:*:*:*", "matchCriteriaId": "E9590109-8DFC-4E78-B678-8456A0621C08", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999924:*:*:*:*:*:*:*", "matchCriteriaId": "03FD1031-0C3D-45F1-BFD9-823C6D4B69F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999925:*:*:*:*:*:*:*", "matchCriteriaId": "44059C1E-CDC6-4B75-92CC-CD45C5063F9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999926:*:*:*:*:*:*:*", "matchCriteriaId": "6278FC7E-6852-46B1-9F38-58847391B2F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999927:*:*:*:*:*:*:*", "matchCriteriaId": "88FDE0AA-B353-4CD8-BC9D-DFC709031FF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999928:*:*:*:*:*:*:*", "matchCriteriaId": "CABDE1E8-17E9-4EF5-91C7-9688B0F49AE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999929:*:*:*:*:*:*:*", "matchCriteriaId": "66454D2F-C566-4F3D-AF78-C3FE75A6C62D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999930:*:*:*:*:*:*:*", "matchCriteriaId": "83E28BE4-60FE-46E9-8AA4-45B14A34E2CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999931:*:*:*:*:*:*:*", "matchCriteriaId": "914475F6-3C2F-4D15-8017-588763BF37E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999932:*:*:*:*:*:*:*", "matchCriteriaId": "12806A34-36FA-4B19-B84E-7385A8EDB302", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999933:*:*:*:*:*:*:*", "matchCriteriaId": "DAB41DB0-C61F-441F-A8C7-624845EE39ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999934:*:*:*:*:*:*:*", "matchCriteriaId": "3762061D-FCC3-43EE-BC73-1BEF6BBC8980", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999935:*:*:*:*:*:*:*", "matchCriteriaId": "8FE3BAE8-B78E-490E-90A7-8DF957D9CA7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999936:*:*:*:*:*:*:*", "matchCriteriaId": "C347C9AE-D2AA-4440-B506-1B692C7C52CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999937:*:*:*:*:*:*:*", "matchCriteriaId": "62704DAC-BFE8-4D27-9F2E-FB8D70E43063", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999938:*:*:*:*:*:*:*", "matchCriteriaId": "3C3E1157-11FB-45FA-8E4A-53A3614B335D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999939:*:*:*:*:*:*:*", "matchCriteriaId": "A9674613-3BDB-471E-A109-83FF1463FCAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999940:*:*:*:*:*:*:*", "matchCriteriaId": "DB59D0D0-E453-4700-9A96-9A452E5C90E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999941:*:*:*:*:*:*:*", "matchCriteriaId": "D5A3B80D-8BD9-4F01-AAA8-B50CB3084E41", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:0.999950:*:*:*:*:*:*:*", "matchCriteriaId": "EBCB14A8-635D-4652-9F76-E718F60D0FC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FD46D41-AE54-4223-A659-7E21EC0EC6A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "393D68B4-0E53-4973-80FF-F57CC470E16B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "151552D1-9D07-4424-863B-FC1948619799", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "A06E107C-680E-4032-9E4A-1A8A641BB0E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:1.12:*:*:*:*:*:*:*", "matchCriteriaId": "B0950430-F9CC-4FF8-801B-62BDCEEDA356", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:1.13:*:*:*:*:*:*:*", "matchCriteriaId": "1D6573B3-A92D-497E-8238-9F934C519A51", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:1.14:*:*:*:*:*:*:*", "matchCriteriaId": "C04F3413-81FB-4B48-8D43-FD7E367B711E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mojolicious:mojolicious:1.15:*:*:*:*:*:*:*", "matchCriteriaId": "40F11435-B786-44F2-9E6B-09E0C743913F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI."}, {"lang": "es", "value": "Una vulnerabilidad de salto de directorio en Path.pm en Mojolicious antes de v1.16 permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de un 2f%..%2f (barra punto punto barra) en una URI."}], "id": "CVE-2011-1589", "lastModified": "2024-11-21T01:26:39.880", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-04-29T22:55:02.467", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622952"}, {"source": "secalert@redhat.com", "url": "http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.16/Changes"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058885.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058891.html"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "http://openwall.com/lists/oss-security/2011/04/17/1"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "http://openwall.com/lists/oss-security/2011/04/18/3"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://openwall.com/lists/oss-security/2011/04/18/7"}, {"source": "secalert@redhat.com", "url": "http://perlninja.posterous.com/sharks-in-the-water"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://search.cpan.org/CPAN/authors/id/K/KR/KRAIH/Mojolicious-1.16.tar.gz"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44051"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/44359"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2011/dsa-2221"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.osvdb.org/71850"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/47402"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/1072"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/1093"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=697229"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66830"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://github.com/kraih/mojo/commit/b09854988c5b5b6a2ba53cc8661c4b2677da3818"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://github.com/kraih/mojo/issues/114"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622952"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.16/Changes"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058885.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058891.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://openwall.com/lists/oss-security/2011/04/17/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://openwall.com/lists/oss-security/2011/04/18/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://openwall.com/lists/oss-security/2011/04/18/7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://perlninja.posterous.com/sharks-in-the-water"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://search.cpan.org/CPAN/authors/id/K/KR/KRAIH/Mojolicious-1.16.tar.gz"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/44051"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/44359"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2221"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/71850"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/47402"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/1072"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/1093"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=697229"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66830"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/kraih/mojo/commit/b09854988c5b5b6a2ba53cc8661c4b2677da3818"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/kraih/mojo/issues/114"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}