CVE-2024-9146

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Published: Oct 5, 2024 / Updated: 45d ago

010
CVSS 4.9EPSS 0.04%Medium
CVE info copied to clipboard

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in James Low CSS JS Files allows Path Traversal.This issue affects CSS JS Files: from n/a through 1.5.0.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Timeline

CVE Assignment

NVD published the first details for CVE-2024-9146

Oct 5, 2024 at 11:15 AM
First Article

Feedly found the first article mentioning CVE-2024-9146. See article

Oct 5, 2024 at 11:21 AM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Oct 5, 2024 at 11:21 AM
EPSS

EPSS Score was set to: 0.04% (Percentile: 11.2%)

Oct 6, 2024 at 11:57 AM
Static CVE Timeline Graph

Affected Systems

Apache/james
+null more

Attack Patterns

CAPEC-126: Path Traversal
+null more

News

CVE-2024-9146
Medium Severity Description Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in James Low CSS JS Files allows Path Traversal.This issue affects CSS JS Files: from n/a through 1.5.0. Read more at https://www.tenable.com/cve/CVE-2024-9146
NA - CVE-2024-9146 - Improper Limitation of a Pathname to a...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in James Low CSS JS Files allows Path Traversal.This issue affects CSS JS Files: from n/a...
CVE-2024-9146 | James Low CSS JS Files Plugin up to 1.5.0 on WordPress path traversal
A vulnerability was found in James Low CSS JS Files Plugin up to 1.5.0 on WordPress. It has been declared as problematic . This vulnerability affects unknown code. The manipulation leads to path traversal. This vulnerability was named CVE-2024-9146 . The attack can be initiated remotely. There is no exploit available.
CVE-2024-9146 - James Low CSS JS Files Path Traversal Vulnerability
CVE ID : CVE-2024-9146 Published : Oct. 5, 2024, 11:15 a.m. 21 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in James Low CSS JS Files allows Path Traversal.This issue affects CSS JS Files: from n/a through 1.5.0. Severity: 4.9
CVE-2024-9146
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in James Low CSS JS Files allows Path Traversal.This issue affects CSS JS Files: from n/a through...
See 3 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:High
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:None
Availability Impact:None

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI