aws-java-sdk-s3 is vulnerable to path traversal. The vulnerability exists due to insufficient guard logic for the download directory in the leavesRoot function of TransferManager.java. An attacker can evade the validation logic by adding a UNIX double-dot to the bucket key when the directory name prefix matches the destination directory, and so access files from the S3 bucket that is one level up in the file system.
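
The prefix-matching weakness described above, as an added example that is not the SDK's own code: a string-prefix guard next to an element-wise guard. The names leavesRootWeak and leavesRootStrict are hypothetical, and the destination directory and object keys are constructed.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

public class LeavesRootDemo {

    // Weak guard: compares normalized paths as plain strings, so a sibling
    // directory whose name merely begins with the root's name is accepted.
    static boolean leavesRootWeak(Path root, String key) {
        String rootPath = root.toAbsolutePath().normalize().toString();
        String target = root.resolve(key).toAbsolutePath().normalize().toString();
        return !target.startsWith(rootPath);
    }

    // Hardened guard: Path.startsWith compares whole name elements, so
    // "reports-archive" is not treated as being inside "reports".
    static boolean leavesRootStrict(Path root, String key) {
        Path rootPath = root.toAbsolutePath().normalize();
        Path target = rootPath.resolve(key).normalize();
        return !target.startsWith(rootPath);
    }

    public static void main(String[] args) {
        // Constructed destination directory (assumption for this example).
        Path root = Paths.get("/srv/downloads/reports");
        // Constructed object keys (assumptions for this example).
        String[] keys = {
            "2024/q1.csv",                // stays inside the root
            "../../other/file.txt",       // plain traversal, rejected by both guards
            "../reports-archive/q1.csv"   // sibling sharing the root's name prefix
        };
        for (String key : keys) {
            System.out.printf("%-28s weak.leavesRoot=%-5b strict.leavesRoot=%b%n",
                    key, leavesRootWeak(root, key), leavesRootStrict(root, key));
        }
    }
}
```

Path.normalize is purely lexical; a guard used on a real file system should also resolve symbolic links, for example with toRealPath on the existing destination directory.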
Vendor | Product | Version | CPE |
---|---|---|---|
amazon | aws-sdk-java | * | cpe:2.3:a:amazon:aws-sdk-java:*:*:*:*:*:*:*:* |