CVE-2020-37214

Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files...

Red Hat build of Keycloak 代码问题漏洞

Red Hat build of Keycloak is a web application for single sign-on from Red Hat USA. A code issue vulnerability exists in the Red Hat build of Keycloak, which stems from a proxy misconfiguration that could result in accessing the /admin path via a non-normalized path...