Lucene search
+L

4 matches found

NVD
NVD
added 2021/03/15 5:15 p.m.17 views

CVE-2021-23357

All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. This function is able to delete arbitrary JSON files on the disk where Tyk is running via the management API. The APIID is provided by the user and this valu...

5.3CVSS0.00525EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/03/15 4:45 p.m.26 views

CVE-2021-23357 Directory Traversal

All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. This function is able to delete arbitrary JSON files on the disk where Tyk is running via the management API. The APIID is provided by the user and this valu...

3.3CVSS5.6AI score0.00525EPSS
Exploits1References2
CVE
CVE
added 2021/03/15 4:45 p.m.38 views

CVE-2021-23357

CVE-2021-23357 - Normal mode (concrete details available) Affected software: github.com/TykTechnologies/tyk/gateway (Tyk Gateway) with the vulnerability reported across multiple feeds. Vulnerability and root cause: Directory Traversal via the handleAddOrUpdateApi function. The APIID supplied by t...

5.3CVSS4.6AI score0.00525EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/03/15 4:40 p.m.3 views

CVE-2021-23357

All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. This function is able to delete arbitrary JSON files on the disk where Tyk is running via the management API. The APIID is provided by the user and this valu...

5.3CVSS5.6AI score0.00525EPSS
Exploits1References3
Rows per page
Query Builder