11 matches found
EUVD-2025-0217
Malicious code in bioql PyPI...
CVE-2025-24961
org.gaul S3Proxy implements the S3 API and proxies requests. Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to users. This issue has been addressed in version 2.6.0. Users are advised to upgrade. There are no known workarounds for this...
CVE-2025-24961
org.gaul S3Proxy implements the S3 API and proxies requests. Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to users. This issue has been addressed in version 2.6.0. Users are advised to upgrade. There are no known workarounds for this...
CVE-2025-24961 Insecure path traversal in filesystem and filesystem-nio2 storage backends in org.gaul S3Proxy
org.gaul S3Proxy implements the S3 API and proxies requests. Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to users. This issue has been addressed in version 2.6.0. Users are advised to upgrade. There are no known workarounds for this...
CVE-2025-24961 Insecure path traversal in filesystem and filesystem-nio2 storage backends in org.gaul S3Proxy
org.gaul S3Proxy implements the S3 API and proxies requests. Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to users. This issue has been addressed in version 2.6.0. Users are advised to upgrade. There are no known workarounds for this...
CVE-2025-24961 Insecure path traversal in filesystem and filesystem-nio2 storage backends in org.gaul S3Proxy
org.gaul S3Proxy implements the S3 API and proxies requests. Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to users. This issue has been addressed in version 2.6.0. Users are advised to upgrade. There are no known workarounds for this...
CVE-2025-24961
CVE-2025-24961 affects org.gaul S3Proxy and describes an insecure path traversal in the filesystem and filesystem-nio2 storage backends that could unintentionally expose local files to users. The root cause is a path traversal flaw when using those backends, enabling access to files outside the i...
com.github.alexmojaki:s3-stream-upload (=1.0), com.hotels:circus-train-common-test (=10.0.0) +1 more potentially affected by CVE-2025-24961 via org.gaul:s3proxy (>=1.4.0 <=1.6.1)
org.gaul:s3proxy MAVEN version =1.4.0, =0.9.0-preview1, =0.9.0-preview2 Source cves: CVE-2025-24961 Source advisory: OSV:GHSA-2CCP-VQMV-4R4X...
S3Proxy allows insecure path traversal in filesystem and filesystem-nio2 storage backends
Impact Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to authenticated clients. Patches Upgrade to S3Proxy 2.6.0 which includes apache/jclouds@b0819e0ef5e08c792a4d1724b938714ce9503aa3 and 86b6ee4749aa163a78e7898efc063617ed171980. Workarounds...
GHSA-2CCP-VQMV-4R4X S3Proxy allows insecure path traversal in filesystem and filesystem-nio2 storage backends
Impact Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to authenticated clients. Patches Upgrade to S3Proxy 2.6.0 which includes apache/jclouds@b0819e0ef5e08c792a4d1724b938714ce9503aa3 and 86b6ee4749aa163a78e7898efc063617ed171980. Workarounds...
PT-2025-5605 · Org.Gaul · 3Proxy
Name of the Vulnerable Software and Affected Versions: org.gaul S3Proxy versions prior to 2.6.0 Description: The issue affects users of the filesystem and filesystem-nio2 storage backends, potentially exposing local files to authenticated clients. This could lead to unauthorized access to sensiti...