NVD

Id
26776  
Name
CVE-2015-5688  
Description
Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2015-09-04  
Modified Date
2015-09-04  
Seq
2015-5688  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
141675 26776 CVE-2015-5688 https://github.com/geddy/geddy/commit/2de63b68b3aa6c08848f261ace550a37959ef231  View
141676 26776 CVE-2015-5688 https://github.com/geddy/geddy/issues/697  View
141677 26776 CVE-2015-5688 https://github.com/geddy/geddy/pull/699  View
141678 26776 CVE-2015-5688 https://github.com/geddy/geddy/releases/tag/v13.0.8  View
141679 26776 CVE-2015-5688 https://nodesecurity.io/advisories/geddy-directory-traversal  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
9279 JVNDB-2015-004599 Node.js 用 Geddy の lib/app/index.js におけるディレクトリトラバーサルの脆弱性 Node.js 用 Geddy の lib/app/index.js には、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2015-5688 82913 CVE-2015-5688 26776 5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-004599.html 2015-07-28 2015-09-07 View