- Description
- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or Directories Accessible to External Parties vulnerability in Apache Doris. Application administrators can read arbitrary files from the server filesystem through path traversal. Users are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue.
- Source
- security@apache.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 5.4
- Impact score
- 2.5
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- security@apache.org
- CWE-22
- Hype score
- Not currently trending
CVE-2024-48019 CVE-2024-48019 https://t.co/Vw9g9zEbrD
@VulmonFeeds
4 Feb 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-48019 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or Directories Accessible to External Parties vulnerability in Apache Doris. A… https://t.co/Iv8Oa3MHfD
@CVEnew
4 Feb 2025
296 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-48019: Apache Doris: allows admin users to read arbitrary files through the REST API https://t.co/L86UnmpKRL Application administrators can read arbitrary files from the server filesystem through path traversal
@oss_security
4 Feb 2025
190 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes