spring-boot-actuator-logview_project spring-boot-actuator-logview CVE Vulnerabilities (2)

CVEs: 2 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting spring-boot-actuator-logview_project spring-boot-actuator-logview (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

CVE	Summary	Source	Max CVSS	EPSS %	Published	Updated
CVE-2023-29986	spring-boot-actuator-logview 0.2.13 allows Directory Traversal to sibling directories via LogViewEndpoint.view.	[email protected]	5.3	0.37%	2023-05-11	2025-01-27
CVE-2021-21234	spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability. The nature of this library is to expose a log file directory via admin (spring boot actuator) HTTP endpoints. Both the filename to view and a base folder (relative to the logging folder root) can be specified via request paramet	[email protected]	7.7	94.02%	2021-01-05	2024-11-21

cvelogic Threat Intelligence