2 matches found
PYSEC-2026-357 internetarchive Vulnerable to Directory Traversal in File.download()
Impact What kind of vulnerability is it? This is a Critical severity directory traversal path traversal vulnerability in the File.download method of the internetarchive library. Who is impacted? All users of the internetarchive library versions 5.5.1 are impacted. The vulnerability is particularl...
PT-2023-27221 · Unknown · @Keystone-6/Core
Name of the Vulnerable Software and Affected Versions: @keystone-6/core versions prior to 5.5.1 Description: The issue arises when ui.isAccessAllowed is set as undefined, making the adminMeta GraphQL query publicly accessible without requiring a session. This behavior differs from the default...