spring-boot-actuator-logview icon indicating copy to clipboard operation
spring-boot-actuator-logview copied to clipboard

Published 20 hours ago verified publisher icon lukashinsch

Metadata

Simple logfile viewer as spring boot actuator endpoint

Results 11 spring-boot-actuator-logview issues
Sort by recently updated
recently updated
newest added

Issue about Partial Path Traversal

The patch file for CVE-2021-21234 still has a vulnerability, which is a partial path traversal vulnerability. In commit [1c76e1e](https://github.com/lukashinsch/spring-boot-actuator-logview/commit/1c76e1ec3588c9f39e1a94bf27b5ff56eb8b17d6), the securityCheck function use canonicalLoggingPath.startsWith(baseCanonicalPath) to check for path traversal vulnerabilities....

Fewword avatar Fewword

Metadata

40
Stars
22
Forks
Watchers

Owner

verified publisher icon lukashinsch

Metadata

Simple logfile viewer as spring boot actuator endpoint

Back