CVE-2019-11082
Description
core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.588
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-11082 are affected in Tudarmstadt - de.tudarmstadt.ukp.dkpro.core.api.datasets-asl 1.10.0 | Windows |
| Vulnerabilities CVE-2019-11082 are affected in Tudarmstadt - de.tudarmstadt.ukp.dkpro.core.api.datasets-asl for Linux 1.10.0 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234