CVE-2024-22050 Information

Description

Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated remote attacker to read files outside the public folder via malicious URLs.

Reference

https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3 https://github.com/boazsegev/iodine/commit/5558233fb7defda706b4f9c87c17759705949889 https://github.com/advisories/GHSA-85rf-xh54-whp3 https://vulncheck.com/advisories/vc-advisory-GHSA-85rf-xh54-whp3