VYPR

Resources plugin

by Cloudfoundry

CVEs (2)

  • CVE-2014-2858Apr 15, 2014
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors related to a "configured block." NOTE: this issue was SPLIT from CVE-2014-0053 per…

  • CVE-2014-0053Apr 15, 2014
    risk 0.00cvss epss 0.02

    The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 before 2.3.6 does not properly restrict access to files in the WEB-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this…