CVE-2021-21234: Directory Traversal in spring-boot-actuator-logview
CVSS Score: 7.7 (CVSS v3.1)

Basic Information

CVE ID: CVE-2021-21234
GHSA ID:
CWE:
EPSS Score: 0.99739%
Published: 1/5/2021
Updated: 2/1/2023
KEV Status: No
Technology: Java
Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| eu.hinsch:spring-boot-actuator-logview | maven | < 0.2.13 | 0.2.13 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis

The vulnerability stemmed from insufficient validation of the 'base' parameter during path construction. The pre-patch securityCheck method only checked the filename for ".." and did not validate the path that resulted once the filename was combined with the base parameter. The list() and view() methods passed the untrusted input to securityCheck before the path was resolved, so a caller could traverse outside the log directory by manipulating the base parameter. The commit diff shows that the fix moved securityCheck to operate on the resolved Path object and validated it against the canonical path.
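As an added illustration, not code from spring-boot-actuator-logview, the two checks side by side: a filename-only ".." test of the kind the analysis describes as pre-patch, and a resolve-then-verify check in the spirit of the fix. The class and method names, the temporary directory layout and the sample files are all assumptions constructed for the demo.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

public class LogPathCheck {

    // Hypothetical pre-fix style check: inspects only the filename, never the
    // 'base' component, so traversal placed in 'base' is not seen at all.
    static boolean filenameOnlyCheck(String filename) {
        return !filename.contains("..");
    }

    // Hardened check: build the full path first, canonicalise it (toRealPath
    // also collapses symlinks, which normalize() alone does not), then require
    // that the result is still inside the configured log root.
    static Path resolveInsideRoot(Path root, String base, String filename) throws IOException {
        Path canonicalRoot = root.toRealPath();
        Path candidate = canonicalRoot.resolve(base).resolve(filename).normalize();
        Path canonical = candidate.toRealPath();
        if (!canonical.startsWith(canonicalRoot)) {
            throw new SecurityException("path escapes log root: " + candidate);
        }
        return canonical;
    }

    public static void main(String[] args) throws IOException {
        // Constructed layout: <scratch>/logs is the log root, outside.txt sits above it.
        Path scratch = Files.createTempDirectory("logview-demo");
        Path root = Files.createDirectories(scratch.resolve("logs"));
        Files.writeString(root.resolve("app.log"), "constructed log line\n");
        Files.writeString(scratch.resolve("outside.txt"), "must not be served\n");

        // The traversal lives in 'base', so the filename-only check is satisfied.
        String base = "../";
        String filename = "outside.txt";
        System.out.println("filename-only check passes: " + filenameOnlyCheck(filename));

        // A legitimate request resolves to a file under the root.
        System.out.println("ok: " + resolveInsideRoot(root, ".", "app.log"));

        // The same base/filename pair is rejected once the resolved path is checked.
        try {
            resolveInsideRoot(root, base, filename);
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```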