PT-2026-36111
Name of the Vulnerable Software and Affected Versions pygeoapi versions 0.23.0 through 0.23.2 Description A raw string path concatenation issue in the STAC FileSystemProvider plugin allows requests to STAC collection based collections to expose directories without authentication. This occurs when...