Skip to content
This repository was archived by the owner on Oct 20, 2024. It is now read-only.

static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal.

High
babelouest published GHSA-fq95-6mv5-cq45 Apr 30, 2022

Package

No package listed

Affected versions

< 2.7.0

Patched versions

2.7.0

Description

Impact

Allow directory traversal via the static_compressed_inmemory_website_callback

Patches

Fixed in 2.7.0

Severity

High

CVE ID

CVE-2022-29967

Weaknesses

No CWEs