eu.hinsch:spring-boot-actuator-logview@0.2.13 vulnerabilities

latest version

0.2.13
first published

9 years ago
latest version published

3 years ago
licenses detected
- MIT
  [0.1.0,)
package manager

View on Maven Repository

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the eu.hinsch:spring-boot-actuator-logview package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
L Directory Traversal Affected versions of this package are vulnerable to Directory Traversal due to an incomplete fix for CVE-2021-21234. This allows a privileged user to access sibling directories whose name starts with the same string as the intended directory - a limited subset of the directories vulnerable to exposure in the former vulnerability - via `LogViewEndpoint.view`. How to fix Directory Traversal? There is no fixed version for `eu.hinsch:spring-boot-actuator-logview`.	[0,)

Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal due to an incomplete fix for CVE-2021-21234. This allows a privileged user to access sibling directories whose name starts with the same string as the intended directory - a limited subset of the directories vulnerable to exposure in the former vulnerability - via LogViewEndpoint.view.

How to fix Directory Traversal?

There is no fixed version for eu.hinsch:spring-boot-actuator-logview.

[0,)

Go back to all versions of this package

eu.hinsch:spring-boot-actuator-logview@0.2.13 vulnerabilities

latest version

first published

latest version published

licenses detected

package manager

Direct Vulnerabilities