Vulnerability	Vulnerable Version
C Directory Traversal changedetection.io is a Website change detection and monitoring service Affected versions of this package are vulnerable to Directory Traversal on URLs received as input. An attacker can read local files via the watch preview functionality. URLs are not sufficiently checked for paths that traverse directories with a "dot-dot" pattern, paths beginning with a space. How to fix Directory Traversal? Upgrade `changedetection.io` to version 0.48.5 or higher.	[,0.48.5)
H Directory Traversal changedetection.io is a Website change detection and monitoring service Affected versions of this package are vulnerable to Directory Traversal due to improper validation for the file `URI` scheme. An attacker can read any file on the system by crafting a URL that bypasses the intended restrictions on local file access. Note: This issue only affects instances with a `webdriver` enabled, and `ALLOW_FILE_URI` false or not defined. How to fix Directory Traversal? Upgrade `changedetection.io` to version 0.47.6 or higher.	[,0.47.6)
M Directory Traversal changedetection.io is a Website change detection and monitoring service Affected versions of this package are vulnerable to Directory Traversal via the `Watch.py` and `__init__.py` files, an attacker can read arbitrary files on the system by manipulating the file URL to bypass security checks designed to block traditional file access methods. How to fix Directory Traversal? Upgrade `changedetection.io` to version 0.47.5 or higher.	[,0.47.5)

Go back to all versions of this package