Homepage

s3scanner@2.0.1 vulnerabilities

Scan for open S3 buckets and dump the contents

  • latest version

    2.0.2

  • latest non vulnerable version

    2.0.2

  • first published

    4 years ago

  • latest version published

    3 years ago

  • licenses detected

  • View s3scanner package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the s3scanner package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Directory Traversal

    S3Scanner is a Scan for open S3 buckets and dump the contents

    Affected versions of this package are vulnerable to Directory Traversal by dumping the contents of a bucket which contains objects with special characters in their keys, those characters can be used to save the files outside of the folder specified with --dump-dir.

    How to fix Directory Traversal?

    Upgrade S3Scanner to version 2.0.2 or higher.

    [,2.0.2)
    Go back to all versions of this package