CVE-2019-15714

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
28/08/2019
Last modified:
04/09/2019

Description

cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:entropic_project:entropic:*:*:*:*:*:*:*:* 2019-06-13 (excluding)


References to Advisories, Solutions, and Tools