CVE-2019-0225: Path Traversal

March 28, 2019 (updated May 19, 2019)

A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki which could be used by an attacker to obtain registered users’ details.

References

www.securityfocus.com/bid/107627
jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0225
nvd.nist.gov/vuln/detail/CVE-2019-0225

Code Behaviors & Features

Detect and mitigate CVE-2019-0225 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →