VYPR

spring-boot-actuator-logview

by lukashinsch

Source repositories

CVEs (2)

  • CVE-2021-21234HigJan 5, 2021
    risk 0.45cvss 7.7epss 0.21

    spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability. The…

  • CVE-2023-29986MedMay 11, 2023
    risk 0.35cvss 5.3epss 0.01

    spring-boot-actuator-logview 0.2.13 allows Directory Traversal to sibling directories via LogViewEndpoint.view.