Vulnerability Details CVE-2022-28380
The rc-httpd component through 2022-03-31 for 9front (Plan 9 fork) allows ..%2f directory traversal if serve-static is used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2022-28380
-
cpe:2.3:a:rc-httpd_project:rc-httpd:*