CVE-2018-13034

Name of the Vulnerable Software and Affected Versions Jester web framework version 0.2.0

Description The issue allows remote attackers to fetch files in arbitrary locations via "..%f" sequences, which is a result of a directory traversal vulnerability.

Recommendations For Jester web framework version 0.2.0, consider restricting access to sensitive files and directories as a temporary workaround until a patch is available. Avoid using the "..%f" sequence in file requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.