CVE-2020-15230

Published October 2nd, 2020

View on NVD ↗

CVSS v3

8.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

Vapor is a web framework for Swift. In Vapor before version 4.29.4, Attackers can access data at arbitrary filesystem paths on the same host as an application. Only applications using FileMiddleware are affected. This is fixed in version 4.29.4.

vapor/vapor

💧 A server-side Swift HTTP web framework.

GitHub

26.1K