Vulnerability Description
A vulnerability classified as problematic was found in opensolon Solon up to 3.0.8. It affects unknown code in the file solon-projects/solon-web/solon-web-staticfiles/src/main/java/org/noear/solon/web/staticfiles/StaticMappings.java. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been publicly disclosed and may be used. Upgrading to version 3.0.9 addresses this issue. The name of the patch is f46e47fd1f8455b9467d7ead3cdb0509115b2ef1. Upgrading the affected component is recommended.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://github.com/opensolon/solon/commit/f46e47fd1f8455b9467d7ead3cdb0509115b2e
- https://github.com/opensolon/solon/issues/332
- https://github.com/opensolon/solon/issues/332#issue-2866229828
- https://github.com/opensolon/solon/issues/332#issuecomment-2674330700
- https://vuldb.com/?ctiid.296560
- https://vuldb.com/?id.296560
- https://vuldb.com/?submit.504454
FAQ
What is CVE-2025-1584?
CVE-2025-1584 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability classified as problematic was found in opensolon Solon up to 3.0.8. This vulnerability affects unknown code of the file solon-projects/solon-web/solon-web-staticfiles/src/main/java/org...
How severe is CVE-2025-1584?
CVE-2025-1584 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2025-1584?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.