Vulnerability Details CVE-2020-35883
An issue was discovered in the mozwire crate through 2020-08-18 for Rust. A ../ directory-traversal situation allows overwriting local files that have .conf at the end of the filename.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.7%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
References
Products affected by CVE-2020-35883
-
cpe:2.3:a:mozwire_project:mozwire:0.1.0
-
cpe:2.3:a:mozwire_project:mozwire:0.2.0
-
cpe:2.3:a:mozwire_project:mozwire:0.3.0
-
cpe:2.3:a:mozwire_project:mozwire:0.4.0
-
cpe:2.3:a:mozwire_project:mozwire:0.4.1