Arbitrary File Read
github.com/dotmesh-io/dotmesh is vulnerable to Arbitrary File Read. The vulnerability is due to the unsafe handling of symbolic links in an unpacking routine, allowing attackers to read and/or write to arbitrary locations outside the designated target folder...