a1ohadance/CVE-2026-38360

Releases0

Stars2

Advisory: CVE-2026-38360 path traversal (CWE-22) in dash-uploader (Python/PyPI)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-38360 ↗	May 8, 2026Friday, 8 May 2026, 17:16	9.8 CRITICAL	—
Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dash_uploader/httprequesthandler.py, aseHttpRequestHandler.get_temp_root(), BaseHttpRequestHandler._post() components