vulnerability

FreeBSD: VID-2bab995f-36d4-11ea-9dad-002590acae31 (CVE-2019-19781): Template::Toolkit -- Directory traversal on write

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Jan 14, 2020	Jan 15, 2020	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Jan 14, 2020

Added

Jan 15, 2020

Modified

Dec 10, 2025

Description

Art Manion and Will Dormann report: By using an older and less-secure form of open(), it is possible for untrusted template files to cause reads/writes outside of the template directories. This vulnerability is a component of the recent Citrix exploit.

Solution

freebsd-upgrade-package-p5-template-toolkit

References

CVE-2019-19781
https://attackerkb.com/topics/CVE-2019-19781
CWE-22

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today