GHSA-82j3-hf72-7x93: Reposilite vulnerable to path traversal while serving javadoc expanded files (arbitrary file read) (`GHSL-2024-074`)
Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files.
References
- github.com/advisories/GHSA-82j3-hf72-7x93
- github.com/dzikoysk/reposilite
- github.com/dzikoysk/reposilite/commit/e172ae4b539c822d0d6e04cf090713c7202a79d6
- github.com/dzikoysk/reposilite/releases/tag/3.5.12
- github.com/dzikoysk/reposilite/security/advisories/GHSA-82j3-hf72-7x93
- nvd.nist.gov/vuln/detail/CVE-2024-36117
Detect and mitigate GHSA-82j3-hf72-7x93 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →