CVE-2020-7647
N/A
N/A
Summary
All versions before 1.6.7 and all versions after 2.0.0 inclusive and before 2.8.2 of io.jooby:jooby and org.jooby:jooby are vulnerable to Directory Traversal via two separate vectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | io.jooby:jooby and org.jooby:jooby | all versions before 1.6.7 and all versions after 2.0.0 inclusive and before 2.8.2 | affected |
Weaknesses
- Directory Traversal
ADP Enrichment
CVE Program Container
Additional References
- https://snyk.io/vuln/SNYK-JAVA-IOJOOBY-568806%2C
- https://snyk.io/vuln/SNYK-JAVA-ORGJOOBY-568807%2C
- https://github.com/jooby-project/jooby/commit/34f526028e6cd0652125baa33936ffb6a8a4a009
References
- https://snyk.io/vuln/SNYK-JAVA-IOJOOBY-568806%2C
- https://snyk.io/vuln/SNYK-JAVA-ORGJOOBY-568807%2C
- https://github.com/jooby-project/jooby/commit/34f526028e6cd0652125baa33936ffb6a8a4a009
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.