VYPR

apk package

chainguard/gitlab-cng-ee-17.0-gitaly-scripts

pkg:apk/chainguard/gitlab-cng-ee-17.0-gitaly-scripts

Vulnerabilities (1)

  • CVE-2024-42367Aug 9, 2024
    affected < 17.0.6-r0fixed 17.0.6-r0

    aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants (`.gz` or `.br` extension) are vulnerable to path traversal outside the root director