Security Advisory

CVE-2023-35843

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-19 00:00:00

Last updated 2024-12-11 20:10:03

Assigner mitre

State PUBLISHED

Description

NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information.

← Browse all CVEs View on cve.org ↗