Description

SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. If this vulnerability is exploited, arbitrary files on the server may be retrieved when processing crafted HTTP requests.

INFO

Published Date :

2024-10-15T06:10:30.968Z

Last Modified :

2024-10-23T04:58:28.816Z

Source :

jpcert
AFFECTED PRODUCTS

The following products are affected by CVE-2024-46898 vulnerability.

Vendors Products
Ss-proj
  • Shirasagi
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-46898.

URL Resource
https://github.com/shirasagi/shirasagi/commit/5ac4685d7e4330f949f13219069107fc5d768934 cve-icon cve-icon
https://jvn.jp/en/jp/JVN58721679/ cve-icon cve-icon
https://www.ss-proj.org/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact