GHSA-393c-p46r-7c95: Directus File API Path Traversal (HIGH)
Plattform
nodejs
Komponente
directus
Behoben in
11.17.0
GHSA-393c-p46r-7c95 describes critical vulnerabilities in the Directus file management API that allow unauthorized manipulation of file storage paths and metadata. Attackers can overwrite files, write files outside intended storage boundaries via path traversal, and potentially achieve remote code execution. This issue is fixed in Directus version 11.17.0.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is GHSA-393c-p46r-7c95?
GHSA-393c-p46r-7c95 is a Path Traversal vulnerability in the Directus file management API that allows unauthorized file manipulation.
Am I affected by GHSA-393c-p46r-7c95?
You are affected if you are using a version of Directus prior to 11.17.0.
How can I fix GHSA-393c-p46r-7c95?
Upgrade your Directus instance to version 11.17.0 or later to resolve this vulnerability.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten