3 matches found
CVE-2026-28492 File Browser: Path Traversal in Public Share Links Exposes Files Outside Shared Directory
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.0, when a user creates a public share link for a directory, the withHashFile middleware in http/public.go uses...
PT-2024-33667 · Zitadel +1 · Zitadel +1
Name of the Vulnerable Software and Affected Versions: Zitadel versions prior to 2.64.0 Zitadel versions prior to 2.63.5 Zitadel versions prior to 2.62.7 Zitadel versions prior to 2.61.4 Zitadel versions prior to 2.60.4 Zitadel versions prior to 2.59.5 Zitadel versions prior to 2.58.7 Description...
PT-2019-4185 · Gnome +5 · Gnome Glib +5
Name of the Vulnerable Software and Affected Versions: GNOME GLib versions 2.15.0 through 2.61.1 Description: The issue is related to the file copy fallback function in the gio/gfile.c file, which does not properly restrict file permissions during a copy operation. Instead of using restricted...