Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette.
References
Link | Resource |
---|---|
https://github.com/encode/starlette/releases/tag/0.27.0 | Release Notes |
https://github.com/encode/starlette/security/advisories/GHSA-v5gw-mw7f-84px | Exploit Vendor Advisory |
https://jvn.jp/en/jp/JVN95981715/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2023-06-01T00:00:00
Updated: 2023-06-01T00:00:00
Reserved: 2023-05-11T00:00:00
Link: CVE-2023-29159
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-01T02:15:09.803
Modified: 2023-06-08T01:59:38.140
Link: CVE-2023-29159
JSON object: View
Redhat Information
No data.
CWE