CVE-2018-19052

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-19052
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-19052.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-19052
Downstream
Related
Published
2018-11-07T05:29:00Z
Modified
2025-09-19T09:30:41.783781Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in modaliasphysicalhandler in modalias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.

References

Affected packages

Git / github.com/lighttpd/lighttpd1.4

Affected ranges

Type
GIT
Repo
https://github.com/lighttpd/lighttpd1.4
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
2105dae0f9d7a964375ce681e53cb165375f84c1

Affected versions

lighttpd-1.*

lighttpd-1.3.11
lighttpd-1.3.12
lighttpd-1.3.13
lighttpd-1.3.14
lighttpd-1.3.15
lighttpd-1.3.16
lighttpd-1.4.1
lighttpd-1.4.2
lighttpd-1.4.25
lighttpd-1.4.26
lighttpd-1.4.27
lighttpd-1.4.28
lighttpd-1.4.29
lighttpd-1.4.3
lighttpd-1.4.30
lighttpd-1.4.31
lighttpd-1.4.32
lighttpd-1.4.33
lighttpd-1.4.34
lighttpd-1.4.35
lighttpd-1.4.36
lighttpd-1.4.36--rc1
lighttpd-1.4.37
lighttpd-1.4.38
lighttpd-1.4.39
lighttpd-1.4.4
lighttpd-1.4.40
lighttpd-1.4.41
lighttpd-1.4.42
lighttpd-1.4.43
lighttpd-1.4.44
lighttpd-1.4.45
lighttpd-1.4.46
lighttpd-1.4.47
lighttpd-1.4.48
lighttpd-1.4.49
lighttpd-1.4.5
lighttpd-1.4.6
lighttpd-1.4.7

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2018-19052-1be13382",
            "digest": {
                "length": 1029.0,
                "function_hash": "149042138735570835025939466017948242542"
            },
            "signature_version": "v1",
            "deprecated": false,
            "target": {
                "file": "src/mod_alias.c",
                "function": "PHYSICALPATH_FUNC"
            },
            "signature_type": "Function",
            "source": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1"
        },
        {
            "id": "CVE-2018-19052-387c5170",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "303192333452448327106390395563064620760",
                    "80679466272643474847981161116281953383",
                    "208143731090529638039435268477316973998"
                ]
            },
            "signature_version": "v1",
            "deprecated": false,
            "target": {
                "file": "src/mod_alias.c"
            },
            "signature_type": "Line",
            "source": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1"
        }
    ]
}