VYPR

Incubator Heron

by Apache

Source repositories

CVEs (1)

  • CVE-2018-11789Mar 18, 2019
    risk 0.00cvss epss 0.07

    When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. Example woule be modifying the parameter path= to go to the directory you would like to view. i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd.