CVE-2021-32061: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
S3Scanner allows Directory Traversal via a crafted bucket, as demonstrated by a <Key>../
substring in a ListBucketResult element.
References
Detect and mitigate CVE-2021-32061 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →