← back
CVE-2021-31863

CVE-2021-31863

EPSS 1.7%
Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local files accessible by the application server process.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://lists.debian.org/debian-lts-announce/2021/05/msg00013.htmlhttps://www.redmine.org/news/131https://www.redmine.org/projects/redmine/wiki/Security_Advisories