CVE-2025-14311
- Source
- https://cve.org/CVERecord?id=CVE-2025-14311
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14311.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-14311
- Published
- 2025-12-09T16:17:39.263Z
- Modified
- 2026-03-12T17:37:47.186386Z
- Severity
-
- 6.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator
- Summary
- [none]
- Details
-
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JMRI.This issue affects JMRI: before 5.13.3.
- References
Affected packages
Git / github.com/JMRI/JMRI
Affected versions
4.*
4.99.6
Other
First-J11-master
LE-MVC-2
LE-MVC-3
LE-MVC-4
Last-Java-8
Last-j11master
list
svn-30001
untagged-3b3fa919c006ff808489
V5.*
V5.3.1
v4.*
v4.1.3
v4.11.1
v4.11.3
v4.11.4
v4.11.5
v4.11.6
v4.11.8
v4.11.9
v4.13.1
v4.13.2
v4.13.4
v4.13.5
v4.13.6
v4.13.7
v4.15.1
v4.15.10
v4.15.2
v4.15.3
v4.15.5
v4.15.6
v4.15.7
v4.15.8
v4.15.9
v4.16
v4.17.1
v4.17.3
v4.17.4
v4.17.5
v4.17.6
v4.17.7
v4.17.8
v4.19.1
v4.19.2
v4.19.3
v4.19.4
v4.19.5
v4.19.6
v4.19.7
v4.19.8
v4.19.9
v4.20
v4.21.2
v4.21.4
v4.23.1
v4.23.2
v4.23.3
v4.23.5
v4.23.7
v4.23.8
v4.25.2
v4.25.3
v4.25.4
v4.25.5
v4.25.6
v4.25.8
v4.25.9
v4.26
v4.27.1
v4.3.1
v4.3.2
v4.3.4
v4.3.5
v4.3.6
v4.3.7
v4.5.1
v4.5.3
v4.5.3a
v4.5.4
v4.5.6
v4.5.7
v4.7.2
v4.7.3
v4.7.4
v4.7.5
v4.7.7
v4.7.8
v4.9.1
v4.9.2
v4.9.4
v4.99.1
v4.99.2
v4.99.3
v4.99.4
v4.99.5
v4.99.6
v4.99.7
v4.99.8
v4.99.9
v5.*
v5.1.1
v5.1.2
v5.1.3
v5.1.4
v5.1.5
v5.1.6
v5.1.7
v5.10
v5.11.1
v5.11.2
v5.11.3
v5.11.4
v5.11.5
v5.11.6
v5.11.7
v5.13.2
v5.3.1
v5.3.2
v5.3.3
v5.3.4
v5.3.5
v5.3.6
v5.3.7
v5.3.8
v5.5.1
v5.5.2
v5.5.3
v5.5.4
v5.5.5
v5.5.6
v5.5.7
v5.5.8
v5.7.1
v5.7.2
v5.7.3
v5.7.4
v5.7.5
v5.7.6
v5.7.7
v5.7.8
v5.7.9
v5.8
v5.9.1
v5.9.2
v5.9.3
v5.9.4
v5.9.5
v5.9.6
v5.9.7
v5.9.8