Duplicate Advisory: Starlette vulnerable to directory traversal

GHSA-qj8w-rv5x-2v9h

Published Jun 1, 2023 · Modified Feb 18, 2025

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-v5gw-mw7f-84px. This link is maintained to preserve external references.

Original Description

Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette.

References

WEB https://github.com/encode/starlette/security/advisories/GHSA-v5gw-mw7f-84px
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-29159
WEB https://github.com/encode/starlette/commit/1797de464124b090f10cf570441e8292936d63e3
PACKAGE https://github.com/encode/starlette
WEB https://github.com/encode/starlette/releases/tag/0.27.0
WEB https://jvn.jp/en/jp/JVN95981715

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes