Описание
This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| pistache | not-affected | package |
Примечания
https://github.com/pistacheio/pistache/pull/1065
https://github.com/pistacheio/pistache/commit/4ba6da096611d11849aa37ee342c032a306ee885 (0.0.5)
Связанные уязвимости
CVSS3: 6.5
nvd
почти 4 года назад
This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server.
CVSS3: 7.5
github
почти 4 года назад
This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server.