Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
2001-12-29T05:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.8 (HIGH)
AV:N/AC:L/Au:N/C:C/I:N/A:N
10.0
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | cherokee | cherokee_httpd | 0.1 | Yes |
| Application | cherokee | cherokee_httpd | 0.1.5 | Yes |
| Application | cherokee | cherokee_httpd | 0.1.6 | Yes |
| Application | cherokee | cherokee_httpd | 0.2 | Yes |
| Application | cherokee | cherokee_httpd | 0.2.5 | Yes |
| Application | cherokee | cherokee_httpd | 0.2.6 | Yes |
| Application | cherokee | cherokee_httpd | 0.2.7 | Yes |