CVE-2014-2858

Published: Apr 15, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors related to a "configured block." NOTE: this issue was SPLIT from CVE-2014-0053 per ADT2 due to different vulnerability types.

Affected (38)

Products: Gopivotal: Grails Resources, Grails

Gopivotal

2 products

Grails Resources

Grails

Configuration A

38 vulnerable

Vulnerable Software	Affected Versions
Gopivotal Grails Resources	Version 1.0.0
Gopivotal Grails Resources	Version 1.0.2
Gopivotal Grails Resources	Version 1.1.0
Gopivotal Grails Resources	Version 1.1.1
Gopivotal Grails Resources	Version 1.1.2
Gopivotal Grails Resources	Version 1.1.4
Gopivotal Grails Resources	Version 1.1.5
Gopivotal Grails Resources	Version 1.1.6
Gopivotal Grails Resources	Version 1.2.0
Gopivotal Grails Resources	Version 1.2.1
Gopivotal Grails Resources	Version 1.2.2
Gopivotal Grails Resources	Version 1.2.3
Gopivotal Grails Resources	Version 1.2.4
Gopivotal Grails Resources	Version 1.2.5
Gopivotal Grails	Version 2.0.0
Gopivotal Grails	Version 2.0.1
Gopivotal Grails	Version 2.0.2
Gopivotal Grails	Version 2.0.3
Gopivotal Grails	Version 2.0.4
Gopivotal Grails	Version 2.1.0
Gopivotal Grails	Version 2.1.1
Gopivotal Grails	Version 2.1.2
Gopivotal Grails	Version 2.1.3
Gopivotal Grails	Version 2.1.4
Gopivotal Grails	Version 2.1.5
Gopivotal Grails	Version 2.2.0
Gopivotal Grails	Version 2.2.1
Gopivotal Grails	Version 2.2.2
Gopivotal Grails	Version 2.2.3
Gopivotal Grails	Version 2.2.4
Gopivotal Grails	Version 2.2.5
Gopivotal Grails	Version 2.3.0
Gopivotal Grails	Version 2.3.1
Gopivotal Grails	Version 2.3.2
Gopivotal Grails	Version 2.3.3
Gopivotal Grails	Version 2.3.4
Gopivotal Grails	Version 2.3.5
Gopivotal Grails	Version 2.3.6