Lucene search
K

4 matches found

Snyk
Snyk
added 2026/05/28 8:2 p.m.11 views

Directory Traversal

Overview shamefile is an A cli tool to enforce documentation for code suppressions Affected versions of this package are vulnerable to Directory Traversal via the shame next process when processing a user-controlled shamefile.yaml. An attacker can disclose the contents of files outside the intend...

6.8CVSS6.3AI score0.00013EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/28 8:2 p.m.10 views

Shamefile has an arbitrary file read via shamefile.yaml in shame next

Impact A path traversal vulnerability in shame next allows an attacker-controlled shamefile.yaml to disclose contents of files outside the repository, one line at a time, to the terminal of a user who runs the command. See patch commit for technical details. Patches Fixed in 0.1.7. Upgrade to...

5.8AI score0.00013EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/28 8:2 p.m.8 views

GHSA-X6P3-76F2-XXVH Shamefile has an arbitrary file read via shamefile.yaml in shame next

Impact A path traversal vulnerability in shame next allows an attacker-controlled shamefile.yaml to disclose contents of files outside the repository, one line at a time, to the terminal of a user who runs the command. See patch commit for technical details. Patches Fixed in 0.1.7. Upgrade to...

5.5CVSS5.8AI score0.00013EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.12 views

PT-2026-44550

Impact A path traversal vulnerability in shame next allows an attacker-controlled shamefile.yaml to disclose contents of files outside the repository, one line at a time, to the terminal of a user who runs the command. See patch commit for technical details. Patches Fixed in 0.1.7. Upgrade to...

5.5CVSS5.8AI score0.00013EPSS
Exploits0References6
Rows per page
Query Builder