CVE-2023-29986

spring-boot-actuator-logview 0.2.13 allows Directory Traversal to sibling directories via LogViewEndpoint.view...

PT-2023-22505 · Unknown · Spring-Boot-Actuator-Logview

Name of the Vulnerable Software and Affected Versions: spring-boot-actuator-logview version 0.2.13 Description: The issue allows Directory Traversal to sibling directories via the LogViewEndpoint.view endpoint. This enables access to files outside the intended directory, potentially leading to...

CVE-2021-21234

spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability. The nature of this librar...