CVE-2020-25623

Published October 2nd, 2020

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used.

erlang/otp

Erlang/OTP

GitHub

12.2K