@cve-notifications.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

CVE Sentinel

cve-notifications.bsky.social

did:plc:fmpxu5qaccixyxvvyzsllshl

ID: CVE-2024-54909 CVSS N/A A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It affects the path parameter of the /api/resource/local/download endpoint, where manipulation of this parameter can lead to arbitrary file download. #security #infosec #cve-alert https://nvd.nist.gov/vuln/detail/CVE-2024-54909

2025-02-06T22:16:44.479Z