CVE-2023-2984: Path Traversal: '\..\filename'

May 30, 2023 (updated June 5, 2023)

Path Traversal: ‘..\filename’ in GitHub repository pimcore/pimcore prior to 10.5.22.

References

github.com/pimcore/pimcore/commit/e8dbc4da58ae86618bceb67ed35ce23e5e54d2ed
huntr.dev/bounties/5df8b951-e2f1-4548-a7e3-601186e1b191
nvd.nist.gov/vuln/detail/CVE-2023-2984

Code Behaviors & Features

Detect and mitigate CVE-2023-2984 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →