CVE-2020-35883
CRITICAL WAF: High
CVSS 9.1
Published: 2020-12-31
CWE-22
An issue was discovered in the mozwire crate through 2020-08-18 for Rust. A ../ directory-traversal situation allows overwriting local files that have .conf at the end of the filename.
WAF Coverage Analysis
Path Traversal
High WAF Coverage
OWASP: A01:2021 Broken Access Control
930xxx - Local File Inclusion
Affected Software
| Vendor | Product | Version |
|---|---|---|
| mozwire_project | mozwire | up to 0.4.1 |
References
- rustsec.org (Third Party Advisory)