Nom de la faiblesse | Source | |
---|---|---|
Improper Link Resolution Before File Access ('Link Following') The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
Métriques | Score | Gravité | CVSS Vecteur | Source |
---|---|---|---|---|
V2 | 4.4 | AV:L/AC:M/Au:N/C:P/I:P/A:P | [email protected] |
Phusion>>Passenger >> Version To (including) 4.0.5
Phusion>>Passenger >> Version 4.0.1
Phusion>>Passenger >> Version 4.0.2
Phusion>>Passenger >> Version 4.0.3
Phusion>>Passenger >> Version 4.0.4
Ruby-lang>>Ruby >> Version *