CVE ID : CVE-2025-22240
Published : June 13, 2025, 7:15 a.m. | 2 hours, 49 minutes ago
Description : Arbitrary directory creation or file deletion. In the find_file method of the GitFS class, a path is created using os.path.join using unvalidated input from the “tgt_env” variable. This can be exploited by an attacker to delete any file on the Master’s process has permissions to.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More
