CVE-2024-35474 | iceice666 ResourcePack Server up to 1.0.7 ResourcePackFileServer.kt setPath path traversal

Posted by Angelo Barbosa | Jun 10, 2024 | CVE

A vulnerability classified as critical was found in iceice666 ResourcePack Server up to 1.0.7. Affected by this vulnerability is the function setPath of the file ResourcePackFileServer.kt. The manipulation leads to path traversal.

This vulnerability is known as CVE-2024-35474. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-35474 | iceice666 ResourcePack Server up to 1.0.7 ResourcePackFileServer.kt setPath path traversal

Related Posts

CVE-2024-26944 | Linux Kernel up to 6.8.2/6.9-rc1 zoned do_zone_finish use after free (34ca809e055e/1ec17ef59168)

CVE-2024-6550 | Gravity Forms Plugin up to 1.1.1 on WordPress information disclosure

CVE-2024-9352 | Forminator Forms Plugin up to 1.35.1 on WordPress Draft Custom Forms cross-site request forgery

CVE-2024-20071 | MediaTek MT6890/MT6990/MT7622 WLAN Driver out-of-bounds (WCNCR00364733)