漏洞类别:Local
漏洞等级: 
漏洞信息
Gollum is a simple wiki system built on top of Git.
The Precious module in gollum before 4.0.1 allows remote attackers to read arbitrary files by leveraging the lack of a certain temporary-file check.
Affected Versions:
gollum prior 4.0.1
漏洞危害
Successful exploitation allows remote, unauthenticated attackers to gain access to sensitive information on a targeted system.
解决方案
Customers are advised to install gollum 4.0.1 or later versions to remediate this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论