Unrated severityNVD Advisory· Published Nov 26, 2019· Updated Aug 7, 2024

CVE-2011-4350

Description

Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of arbitrary local files via specially-crafted URL request.

Affected products

Yaws/Yawsv5
Range: 1.91

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/security/cve/cve-2011-4350mitrex_refsource_MISC
bugs.debian.org/cgi-bin/bugreport.cgimitrex_refsource_MISC
bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
security-tracker.debian.org/tracker/CVE-2011-4350mitrex_refsource_MISC
www.openwall.com/lists/oss-security/2011/11/25/7mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.020
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000