Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-p223-c4w6-q454: hawtio vulnerable to Path Traversal

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite.

ghsa
#git

hawtio vulnerable to Path Traversal

Moderate severity GitHub Reviewed Published Jun 1, 2023 to the GitHub Advisory Database • Updated Jun 6, 2023

Related news

CVE-2023-33544: Path Traversal when unzip zip file · Issue #2832 · hawtio/hawtio

hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite.