CVE-2019-10242: Path Traversal

April 9, 2019 (updated October 9, 2019)

In Eclipse Kura, the SkinServlet did not checked the path passed during servlet call, potentially allowing path traversal in get requests for a limited number of file types.

References

www.securityfocus.com/bid/107844
bugs.eclipse.org/bugs/show_bug.cgi?id=545835
nvd.nist.gov/vuln/detail/CVE-2019-10242

Detect and mitigate CVE-2019-10242 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →