Description
A Directory Traversal vulnerability in ladle dev server 2.5.1 and earlier allows an attacker on the same network to read files accessible to the user via GET requests.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://www.runjak.codes/posts/2024-03-21-ladle-cve |
|
History
Thu, 21 Nov 2024 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-22 | |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-11-21T15:09:22.578Z
Reserved: 2023-02-06T00:00:00.000Z
Link: CVE-2023-25341
Updated: 2024-08-02T11:18:36.261Z
Status : Deferred
Published: 2024-03-28T22:15:09.170
Modified: 2026-06-17T05:41:06.377
Link: CVE-2023-25341
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')