4 matches found
GO-2024-3108 Hoverfly allows an arbitrary file read in the `/api/v2/simulation` endpoint (`GHSL-2023-274`) in github.com/SpectoLabs/hoverfly
Hoverfly allows an arbitrary file read in the /api/v2/simulation endpoint GHSL-2023-274 in github.com/SpectoLabs/hoverfly...
CVE-2024-45388
Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...
CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)
Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...
CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)
Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...