1. Home
  2. CVE Database
  3. CVE-2017-1000448
HIGH · 7.5

CVE-2017-1000448

Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host.

Vulnerability Description

Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
Structured-DataStructured Data Linter<= 2.4.1

Related Weaknesses (CWE)

CWE-22

References

FAQ

What is CVE-2017-1000448?

CVE-2017-1000448 is a vulnerability with a CVSS score of 7.5 (HIGH). Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host.

How severe is CVE-2017-1000448?

CVE-2017-1000448 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-1000448?

Check the references section above for vendor advisories and patch information. Affected products include: Structured-Data Structured Data Linter.