CVE-2021-31800: Path Traversal
Multiple path traversal vulnerabilities exist in smbserver.py. An attacker who connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key.
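The containment check that this class of bug lacks, shown as an added example (not code from smbserver.py or its project): a join-only resolver next to one that resolves the path and requires it to stay under the share root. The function names, the exception class and the sample paths are hypothetical and constructed for illustration.

```python
import os
import tempfile

class PathEscapesShare(Exception):
    """Raised when a client-supplied name resolves outside the share root."""

def naive_resolve(share_root, client_path):
    # Weak pattern: normalise separators and join. Any ".." segment survives
    # the join, so the result can land outside share_root.
    rel = client_path.replace("\\", "/").lstrip("/")
    return os.path.normpath(os.path.join(share_root, rel))

def safe_resolve(share_root, client_path):
    # Hardened pattern: resolve ".." and symlinks first, then require that the
    # result is still inside the resolved share root.
    root = os.path.realpath(share_root)
    rel = client_path.replace("\\", "/").lstrip("/")
    candidate = os.path.realpath(os.path.join(root, rel))
    # commonpath compares whole components, so "/srv/share-old" is not
    # mistaken for a child of "/srv/share" the way a startswith() test would.
    if os.path.commonpath([root, candidate]) != root:
        raise PathEscapesShare(client_path)
    return candidate

def is_contained(share_root, client_path):
    try:
        safe_resolve(share_root, client_path)
        return True
    except PathEscapesShare:
        return False

def demo():
    # Constructed sample: a throwaway share root and client-supplied names,
    # using both SMB-style backslashes and forward slashes.
    with tempfile.TemporaryDirectory() as base:
        share = os.path.join(base, "share")
        os.makedirs(os.path.join(share, "docs"))
        names = ["docs\\report.txt", "docs\\..\\notes.txt",
                 "..\\outside.txt", "docs/../../outside.txt"]
        return {name: is_contained(share, name) for name in names}

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name!r}: {'allowed' if ok else 'rejected'}")
```

The check has to run on every operation that takes a client-supplied name (list, open, write, rename), since the advisory describes more than one affected path.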