CVE-2024-35474 | THREATINT

Description

A Directory Traversal vulnerability in iceice666 ResourcePack Server before v1.0.8 allows a remote attacker to disclose files on the server, via setPath in ResourcePackFileServer.kt.

PUBLISHED Reserved 2024-05-17 | Published 2024-06-10 | Updated 2024-10-29 | Assigner mitre

MEDIUM: 6.5CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:U/UI:N

References

gist.github.com/apple502j/e99ca3a00e492bf1c942214b13213b46

cve.org (CVE-2024-35474)

nvd.nist.gov (CVE-2024-35474)

Download JSON