Note:
This project will be discontinued after December 13, 2021. [more]
2019-02-16
In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled.
| Products | Hiawatha |
| Type | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) |
| First patch | - None (likely due to unavailable code) |
| Links | https://www.hiawatha-webserver.org/changelog |