CVE-2023-1070: External Control of File Name or Path

February 27, 2023 (updated March 7, 2023)

External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.

References

github.com/advisories/GHSA-x36g-4629-xp9v
github.com/nilsteampassnet/teampass/commit/0af3574caba27a61b16dc25c94fa51ae12d2d967
huntr.dev/bounties/318bfdc4-7782-4979-956f-9ba2cc44889c
nvd.nist.gov/vuln/detail/CVE-2023-1070

Code Behaviors & Features

Detect and mitigate CVE-2023-1070 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →