Strix
26.1K

CVE-2011-1589

UnknownEPSS 3.85%

Last modified

CVE-2011-1589 is a vulnerability of currently unknown severity. Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.. EPSS estimates a 3.85% chance of exploitation in the next 30 days.

Description

Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.

Metrics

EPSS Probability
3.85%

88.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
MojoliciousMojolicious0.2
MojoliciousMojolicious0.3
MojoliciousMojolicious0.4
MojoliciousMojolicious0.5
MojoliciousMojolicious0.6
MojoliciousMojolicious0.7
MojoliciousMojolicious0.8
MojoliciousMojolicious0.8.1
MojoliciousMojolicious0.8.2
MojoliciousMojolicious0.8.3
MojoliciousMojolicious0.8.4
MojoliciousMojolicious0.8.5
MojoliciousMojolicious0.9
MojoliciousMojolicious0.8006
MojoliciousMojolicious0.8007
MojoliciousMojolicious0.8008
MojoliciousMojolicious0.8009
MojoliciousMojolicious0.9001
MojoliciousMojolicious0.9002
MojoliciousMojolicious0.991231
MojoliciousMojolicious0.991232
MojoliciousMojolicious0.991233
MojoliciousMojolicious0.991234
MojoliciousMojolicious0.991235
MojoliciousMojolicious0.991236
MojoliciousMojolicious0.991237
MojoliciousMojolicious0.991238
MojoliciousMojolicious0.991239
MojoliciousMojolicious0.991240
MojoliciousMojolicious0.991241
MojoliciousMojolicious0.991242
MojoliciousMojolicious0.991243
MojoliciousMojolicious0.991244
MojoliciousMojolicious0.991245
MojoliciousMojolicious0.991246
MojoliciousMojolicious0.991250
MojoliciousMojolicious0.991251
MojoliciousMojolicious0.999901
MojoliciousMojolicious0.999902
MojoliciousMojolicious0.999903
MojoliciousMojolicious0.999904
MojoliciousMojolicious0.999905
MojoliciousMojolicious0.999906
MojoliciousMojolicious0.999907
MojoliciousMojolicious0.999908
MojoliciousMojolicious0.999909
MojoliciousMojolicious0.999910
MojoliciousMojolicious0.999911
MojoliciousMojolicious0.999912
MojoliciousMojolicious0.999913

Showing 50 of 82 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2011-1589?
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
How severe is CVE-2011-1589?
Severity scoring for CVE-2011-1589 is pending analysis. The EPSS model estimates a 3.85% probability of exploitation in the next 30 days.
How do I fix CVE-2011-1589?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-1589?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST