CVE-2017-15607
CRITICALInedo Otter < 1.7.4 - Path Traversal via Filesystem-Based Rafts
Title source: llmDescription
Inedo Otter before 1.7.4 has directory traversal in filesystem-based rafts via vectors involving '/' characters or initial '.' characters, aka OT-181.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://inedo.myjetbrains.com/youtrack/issue/OT-181
Vendor Advisory x_refsource_confirm
https://inedo.com/blog/otter-174-released
Scores
CVSS v3
9.8
EPSS
0.0172
EPSS Percentile
74.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-22
Status
published
Products (1)
inedo/otter
< 1.7.4
Published
Dec 01, 2017
Tracked Since
Feb 18, 2026