VYPR

Grails Resources

by Gopivotal

CVEs (3)

  • CVE-2014-2858Apr 15, 2014
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors related to a "configured block." NOTE: this issue was SPLIT from CVE-2014-0053 per…

  • CVE-2014-2857Apr 15, 2014
    risk 0.00cvss epss 0.01

    The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 does not properly restrict access to files in the META-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this issue…

  • CVE-2014-0053Apr 15, 2014
    risk 0.00cvss epss 0.02

    The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 before 2.3.6 does not properly restrict access to files in the WEB-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this…