Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
cloudsync LocalFilesystemConnector.java getItem path traversal
Vulnerability Description
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in cloudsync. Affected by this vulnerability is the function getItem of the file src/main/java/cloudsync/connector/LocalFilesystemConnector.java. The manipulation leads to path traversal. It is possible to launch the attack on the local host. The name of the patch is 3ad796833398af257c28e0ebeade68518e0e612a. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216919. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
cloudsync 路径遍历漏洞
Vulnerability Description
cloudsync是Holger Hees个人开发者的一个私人数据的完整备份解决方案。在 linux、windows 和 osx 上增量同步本地文件系统,并使用谷歌驱动器 simliar 加密到 rsync。 cloudsync存在路径遍历漏洞,该漏洞源于文件src/main/java/cloudsync/connector/LocalFilesystemConnector.java的函数getItem存在问题,会导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A