apk package
chainguard/gitlab-workhorse-ee-scripts-17.0
pkg:apk/chainguard/gitlab-workhorse-ee-scripts-17.0
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-42367 | — | < 17.0.6-r0 | 17.0.6-r0 | Aug 9, 2024 | aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants (`.gz` or `.br` extension) are vulnerable to path traversal outside the root director |
- CVE-2024-42367Aug 9, 2024affected < 17.0.6-r0fixed 17.0.6-r0
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants (`.gz` or `.br` extension) are vulnerable to path traversal outside the root director