Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-43fw-536j-w37j: Yamcs API Directory Traversal vulnerability

Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request.

ghsa
#vulnerability#git

Yamcs API Directory Traversal vulnerability

Moderate severity GitHub Reviewed Published Oct 19, 2023 to the GitHub Advisory Database • Updated Oct 19, 2023

Related news

CVE-2023-45278: Comparing yamcs-5.8.6...yamcs-5.8.7 · yamcs/yamcs

Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request.

CVE-2023-45281: Yamcs v5.8.6 Vulnerability Assessment

An issue in Yamcs 5.8.6 allows attackers to obtain the session cookie via upload of crafted HTML file.