1 results (0.001 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56142 – Path Traversal in pghoard
https://notcve.org/view.php?id=CVE-2024-56142
pghoard is a PostgreSQL backup daemon and restore tooling that stores backup data in cloud object stores. A vulnerability has been discovered that could allow an attacker to acquire disk access with privileges equivalent to those of pghoard, allowing for unintended path traversal. Depending on the permissions/privileges assigned to pghoard, this could allow disclosure of sensitive information. This issue has been addressed in releases after 2.2.2a. Users are advised to upgrade. • https://github.com/Aiven-Open/pghoard/security/advisories/GHSA-m9hc-vxjj-4x6q • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •