CVE-2019-10242

CVE-2019-10242

Vendor The Eclipse Foundation
Product Eclipse Kura
Weakness CWE-22 · Path traversal
Published April 9, 2019
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

In Eclipse Kura versions up to 4.0.0, the SkinServlet did not checked the path passed during servlet call, potentially allowing path traversal in get requests for a limited number of file types.

Key dates

02Disclosure timeline

April 9, 2019 CVE published
August 4, 2024 Record updated