Описание
Path traversal vulnerability in glance
Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in CVE-2018-3715.
Пакеты
glance
< 3.0.9
3.0.9
Связанные уязвимости
Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in [CVE-2018-3715](https://security.snyk.io/vuln/npm:glance:20180129).
Уязвимость HTTP-сервера glance, связанная с возможностью обхода каталога с ограниченным доступом, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации