Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2019-17640

Description

In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly processes back slashes on Windows Operating systems, allowing, escape the webroot folder to the current working directory.

POC

Reference

No PoCs from references.

Github

- https://github.com/LLfam/LLfam

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/Wala-Alnozmai/SVD-Benchmark

- https://github.com/oananbeh/LLM-Java-SVR-Benchmark

- https://github.com/shoucheng3/vert-x3__vertx-web_CVE-2019-17640_3-9-3