Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-43fw-536j-w37j: Yamcs API Directory Traversal vulnerability

Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request.

ghsa
Open in Source
#vulnerability#git

Yamcs API Directory Traversal vulnerability

Moderate severity GitHub Reviewed Published Oct 19, 2023 to the GitHub Advisory Database • Updated Oct 19, 2023

Related news

CVE-2023-45278: Comparing yamcs-5.8.6...yamcs-5.8.7 · yamcs/yamcs

Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request.

CVE-2023-45281: Yamcs v5.8.6 Vulnerability Assessment

An issue in Yamcs 5.8.6 allows attackers to obtain the session cookie via upload of crafted HTML file.

ghsa: Latest News

GHSA-6hrw-x7pr-4mp8: LF Edge eKuiper allows Stored XSS in Rules Functionality
ghsa