Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
Conclusion & alert: CVE-2011-1589 is rated High Exploit Risk (64.4/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 2.11%). Core evidence: 7 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ | |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2025-03-30 | 1.60% | 2.11% | +0.51% |
| 2 | 2025-03-29 | 2.11% | 1.60% | -0.51% |
| 3 | 2025-03-19 | — | 2.11% | — |
Full EPSS history (6 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 5.0 | 2.0 | MEDIUM |
|
10.0 | 2.9 | [email protected] |
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
not yet assigned | CVE-2011-1589 not yet assigned priority: Debian including 1 source packages (libmojolicious-perl), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. | https://security-tracker.debian.org/tracker/CVE-2011-1589 |
ubuntu
|
medium | CVE-2011-1589 medium priority: Ubuntu including 1 source packages (libmojolicious-perl), 9 status rows across 9 suites (dapper, hardy, lucid, maverick, natty, oneiric, precise, quantal, upstream): DNE 4, not-affected 3, ignored 1, released 1. | https://ubuntu.com/security/CVE-2011-1589 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| mojolicious | mojolicious | 0.2 | cpe:2.3:a:mojolicious:mojolicious:0.2:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.3 | cpe:2.3:a:mojolicious:mojolicious:0.3:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.4 | cpe:2.3:a:mojolicious:mojolicious:0.4:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.5 | cpe:2.3:a:mojolicious:mojolicious:0.5:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.6 | cpe:2.3:a:mojolicious:mojolicious:0.6:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.7 | cpe:2.3:a:mojolicious:mojolicious:0.7:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8 | cpe:2.3:a:mojolicious:mojolicious:0.8:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8.1 | cpe:2.3:a:mojolicious:mojolicious:0.8.1:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8.2 | cpe:2.3:a:mojolicious:mojolicious:0.8.2:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8.3 | cpe:2.3:a:mojolicious:mojolicious:0.8.3:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8.4 | cpe:2.3:a:mojolicious:mojolicious:0.8.4:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8.5 | cpe:2.3:a:mojolicious:mojolicious:0.8.5:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.9 | cpe:2.3:a:mojolicious:mojolicious:0.9:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8006 | cpe:2.3:a:mojolicious:mojolicious:0.8006:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8007 | cpe:2.3:a:mojolicious:mojolicious:0.8007:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8008 | cpe:2.3:a:mojolicious:mojolicious:0.8008:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.8009 | cpe:2.3:a:mojolicious:mojolicious:0.8009:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.9001 | cpe:2.3:a:mojolicious:mojolicious:0.9001:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.9002 | cpe:2.3:a:mojolicious:mojolicious:0.9002:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991231 | cpe:2.3:a:mojolicious:mojolicious:0.991231:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991232 | cpe:2.3:a:mojolicious:mojolicious:0.991232:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991233 | cpe:2.3:a:mojolicious:mojolicious:0.991233:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991234 | cpe:2.3:a:mojolicious:mojolicious:0.991234:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991235 | cpe:2.3:a:mojolicious:mojolicious:0.991235:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991236 | cpe:2.3:a:mojolicious:mojolicious:0.991236:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991237 | cpe:2.3:a:mojolicious:mojolicious:0.991237:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991238 | cpe:2.3:a:mojolicious:mojolicious:0.991238:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991239 | cpe:2.3:a:mojolicious:mojolicious:0.991239:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991240 | cpe:2.3:a:mojolicious:mojolicious:0.991240:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991241 | cpe:2.3:a:mojolicious:mojolicious:0.991241:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991242 | cpe:2.3:a:mojolicious:mojolicious:0.991242:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991243 | cpe:2.3:a:mojolicious:mojolicious:0.991243:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991244 | cpe:2.3:a:mojolicious:mojolicious:0.991244:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991245 | cpe:2.3:a:mojolicious:mojolicious:0.991245:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991246 | cpe:2.3:a:mojolicious:mojolicious:0.991246:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991250 | cpe:2.3:a:mojolicious:mojolicious:0.991250:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.991251 | cpe:2.3:a:mojolicious:mojolicious:0.991251:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999901 | cpe:2.3:a:mojolicious:mojolicious:0.999901:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999902 | cpe:2.3:a:mojolicious:mojolicious:0.999902:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999903 | cpe:2.3:a:mojolicious:mojolicious:0.999903:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999904 | cpe:2.3:a:mojolicious:mojolicious:0.999904:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999905 | cpe:2.3:a:mojolicious:mojolicious:0.999905:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999906 | cpe:2.3:a:mojolicious:mojolicious:0.999906:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999907 | cpe:2.3:a:mojolicious:mojolicious:0.999907:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999908 | cpe:2.3:a:mojolicious:mojolicious:0.999908:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999909 | cpe:2.3:a:mojolicious:mojolicious:0.999909:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999910 | cpe:2.3:a:mojolicious:mojolicious:0.999910:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999911 | cpe:2.3:a:mojolicious:mojolicious:0.999911:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999912 | cpe:2.3:a:mojolicious:mojolicious:0.999912:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999913 | cpe:2.3:a:mojolicious:mojolicious:0.999913:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999914 | cpe:2.3:a:mojolicious:mojolicious:0.999914:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999920 | cpe:2.3:a:mojolicious:mojolicious:0.999920:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999921 | cpe:2.3:a:mojolicious:mojolicious:0.999921:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999922 | cpe:2.3:a:mojolicious:mojolicious:0.999922:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999923 | cpe:2.3:a:mojolicious:mojolicious:0.999923:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999924 | cpe:2.3:a:mojolicious:mojolicious:0.999924:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999925 | cpe:2.3:a:mojolicious:mojolicious:0.999925:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999926 | cpe:2.3:a:mojolicious:mojolicious:0.999926:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999927 | cpe:2.3:a:mojolicious:mojolicious:0.999927:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999928 | cpe:2.3:a:mojolicious:mojolicious:0.999928:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999929 | cpe:2.3:a:mojolicious:mojolicious:0.999929:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999930 | cpe:2.3:a:mojolicious:mojolicious:0.999930:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999931 | cpe:2.3:a:mojolicious:mojolicious:0.999931:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999932 | cpe:2.3:a:mojolicious:mojolicious:0.999932:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999933 | cpe:2.3:a:mojolicious:mojolicious:0.999933:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999934 | cpe:2.3:a:mojolicious:mojolicious:0.999934:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999935 | cpe:2.3:a:mojolicious:mojolicious:0.999935:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999936 | cpe:2.3:a:mojolicious:mojolicious:0.999936:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999937 | cpe:2.3:a:mojolicious:mojolicious:0.999937:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999938 | cpe:2.3:a:mojolicious:mojolicious:0.999938:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999939 | cpe:2.3:a:mojolicious:mojolicious:0.999939:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999940 | cpe:2.3:a:mojolicious:mojolicious:0.999940:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999941 | cpe:2.3:a:mojolicious:mojolicious:0.999941:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 0.999950 | cpe:2.3:a:mojolicious:mojolicious:0.999950:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 1.0 | cpe:2.3:a:mojolicious:mojolicious:1.0:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 1.1 | cpe:2.3:a:mojolicious:mojolicious:1.1:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 1.01 | cpe:2.3:a:mojolicious:mojolicious:1.01:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 1.11 | cpe:2.3:a:mojolicious:mojolicious:1.11:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 1.12 | cpe:2.3:a:mojolicious:mojolicious:1.12:*:*:*:*:*:*:* |
| mojolicious | mojolicious | 1.13 | cpe:2.3:a:mojolicious:mojolicious:1.13:*:*:*:*:*:*:* |