Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Bugsink path traversal via event_id in ingestion

🗓️ 29 Jul 2025 20:13:51Reported by GitHub Advisory DatabaseType 
github
 github🔗 github.com👁 6 Views

Bugsink allows path traversal via unvalidated event_id leading to file overwrite in arbitrary locations

Related
Detection
Refs
ReporterTitlePublishedViews
Family
CNNVD		Bugsink 路径遍历漏洞
30 Jul 202500:00
cnnvd
CVE		CVE-2025-54433
30 Jul 202514:29
cve
Cvelist		CVE-2025-54433 Bugsink is vulnerable to Path Traversal attacks via event_id in ingestion
30 Jul 202514:29
cvelist
EUVD		EUVD-2025-23153
3 Oct 202520:07
euvd
NVD		CVE-2025-54433
30 Jul 202515:15
nvd
OSV		CVE-2025-54433 Bugsink is vulnerable to Path Traversal attacks via event_id in ingestion
30 Jul 202514:29
osv
OSV		GHSA-Q78P-G86F-JG6Q Bugsink path traversal via event_id in ingestion
29 Jul 202520:13
osv
Positive Technologies		PT-2025-31371 · Bugsink · Bugsink
29 Jul 202500:00
ptsecurity
RedhatCVE		CVE-2025-54433
2 Aug 202520:22
redhatcve
Snyk		Directory Traversal
30 Jul 202514:48
snyk
Rows per page
Vulners
Node
bugsinkbugsinkRange<1.4.3pip
OR
bugsinkbugsinkRange1.5.01.5.5pip
OR
bugsinkbugsinkRange1.6.01.6.4pip
OR
bugsinkbugsinkRange1.7.01.7.4pip
SourceLink
githubwww.github.com/bugsink/bugsink/security/advisories/GHSA-q78p-g86f-jg6q
githubwww.github.com/bugsink/bugsink/commit/1001726f4389e982c486cdd5fa81941cb46cfc33
githubwww.github.com/bugsink/bugsink/commit/211ddf76758c808c095b5f836c363f148d934d21
githubwww.github.com/bugsink/bugsink/commit/2c41fbe3881bdea83399a7f9fdc8cff198ae089f
githubwww.github.com/bugsink/bugsink/commit/53cf1a17a3e96f7c83c7451fd56f980a09d0c9b0
githubwww.github.com/bugsink/bugsink/commit/55a155003d0b416ea008c5e7dcde85130ad21d9b
githubwww.github.com/bugsink/bugsink/commit/b94aa8a5c96ce8cdd9711b6beb4e518264993ac2
githubwww.github.com/bugsink/bugsink/commit/c341687bd655543730c812db35c29199f788be6b
githubwww.github.com/bugsink/bugsink/commit/c87217bd565122ba70af90436e3ab2cd9bee658f
nvdwww.nvd.nist.gov/vuln/detail/CVE-2025-54433
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
30 Jul 2025 15:42Current
7.2High risk
Vulners AI Score7.2
CVSS 47.2
EPSS0.01008
SSVC
CWE-22
bugsink path traversalevent_id validationfile overwrite risktrusted inputsecurity mitigation
6