4 matches found
CVE-2021-23357
All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. This function is able to delete arbitrary JSON files on the disk where Tyk is running via the management API. The APIID is provided by the user and this valu...
CVE-2021-23357 Directory Traversal
All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. This function is able to delete arbitrary JSON files on the disk where Tyk is running via the management API. The APIID is provided by the user and this valu...
CVE-2021-23357
CVE-2021-23357 - Normal mode (concrete details available) Affected software: github.com/TykTechnologies/tyk/gateway (Tyk Gateway) with the vulnerability reported across multiple feeds. Vulnerability and root cause: Directory Traversal via the handleAddOrUpdateApi function. The APIID supplied by t...
CVE-2021-23357
All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. This function is able to delete arbitrary JSON files on the disk where Tyk is running via the management API. The APIID is provided by the user and this valu...