Описание
Directory Traversal vulnerability in dagster-webserver Dagster thru 1.5.11 allows remote attackers to obtain sensitive information via crafted request to the /logs endpoint. This may be restricted to certain file names that start with a dot ('.').
EPSS
Процентиль: 74%
0.00799
Низкий
7.5 High
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
7 месяцев назад
Dagster vulnerable to Path Traversal attack through its /logs endpoint
EPSS
Процентиль: 74%
0.00799
Низкий
7.5 High
CVSS3
Дефекты
CWE-22