CVE-2020-7647

Summary

All versions before 1.6.7 and all versions after 2.0.0 inclusive and before 2.8.2 of io.jooby:jooby and org.jooby:jooby are vulnerable to Directory Traversal via two separate vectors.

Affected Software

VendorProductVersion RangeStatus
n/aio.jooby:jooby and org.jooby:joobyall versions before 1.6.7 and all versions after 2.0.0 inclusive and before 2.8.2affected

Weaknesses

  • Directory Traversal

ADP Enrichment

CVE Program Container

Additional References

References