Headline
GHSA-p223-c4w6-q454: hawtio vulnerable to Path Traversal
hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite.
hawtio vulnerable to Path Traversal
Moderate severity GitHub Reviewed Published Jun 1, 2023 to the GitHub Advisory Database • Updated Jun 6, 2023
Related news
CVE-2023-33544: Path Traversal when unzip zip file · Issue #2832 · hawtio/hawtio
hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite.