Vite 访问控制错误漏洞

Vite is a new front-end builder tool from the Vite open source. Vite suffers from an access control error vulnerability that stems from the fact that the contents of any file can be returned to the browser...

Severalnines Cluster Control 安全漏洞

Severalnines Cluster Control is agentless management and automation software for database clusters from Severalnines. Severalnines Cluster Control versions 1.9.8 prior to 1.9.8-9778, 2.0.0 prior to 2.0.0-9779, and 2.1.0 prior to 2.1.0-9780 have a security vulnerability that originates from the...

django: Potential directory traversal via ``admindocs``

A flaw was found in django. Staff members could use the :mod:django.contrib.admindocs TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default admindocs templates have been customized by the developers to also expose the file contents, then not...

GHSA-68W8-QJQ3-2GFM Path Traversal in Django

Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default admindocs templates have been...