Google » Chrome » 25.0.1364.120 : Security Vulnerabilities, CVEs, Published In 2013 (Directory traversal) CVSS score >= 7
The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name.
Max CVSS
7.5
EPSS Score
1.10%
Published
2013-08-21
Updated
2017-09-19
Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases.
Max CVSS
7.5
EPSS Score
0.33%
Published
2013-03-05
Updated
2017-09-19
2 vulnerabilities found