Directus vulnerable to unhandled exception on illegal filename_disk value

The Directus process can be aborted by having an authorized user update the filenamedisk value to a folder and accessing that file through the /assets endpoint. The vulnerability is patched and released in v9.15.0. You can prevent this problem by making sure no untrusted non-admin users have...

CVE-2022-36031

Directus is a free and open-source data platform for headless content management. The Directus process can be aborted by having an authorized user update the filenamedisk value to a folder and accessing that file through the /assets endpoint. This vulnerability has been patched and release v9.15....

CVE-2022-36031 Unhandled exception on illegal filename_disk value

Directus is a free and open-source data platform for headless content management. The Directus process can be aborted by having an authorized user update the filenamedisk value to a folder and accessing that file through the /assets endpoint. This vulnerability has been patched and release v9.15....