Path Traversal

com.netflix.genie: genie-web is vulnerable to Path Traversal. The vulnerability is caused by improper filename validation in the saveAttachments method within LocalFileSystemAttachmentServiceImpl.java, due to missing checks to prevent a filename from starting with ... An attacker can upload a fil...

com.netflix.genie:genie-app (>=3.0.0 <=4.3.17), com.netflix.genie:genie-security (>=4.0.0-rc.1 <=4.0.0-rc.31) +3 more potentially affected by CVE-2024-4701 via com.netflix.genie:genie-web (>=0.22 <=4.3.17)

com.netflix.genie:genie-web MAVEN version =0.22, =3.0.0, =4.0.0-rc.1, =4.0.0, =4.0.0, =0.22, =1.0.1 Source cves: CVE-2024-4701 Source advisory: OSV:GHSA-WPCV-5JGP-69F3...