Root Path Disclosure in send

2017-10-24T18:33:36
ID GHSA-JGQF-HWC5-HH37
Type github
Reporter GitHub Advisory Database
Modified 2020-08-31T18:09:35

Description

Versions of send prior to 0.11.2 are affected by an information leakage vulnerability which may allow an attacker to enumerate paths on the server filesystem.

Recommendation

Update to version 0.11.1 or later.