Vulnerability Database

296,733

Total vulnerabilities in the database

Unauthorized File Access in glance

Versions of glance prior to 3.0.7 are vulnerable to Unauthorized File Access. The package provides a --nodot option meant to hide files and directories with names that begin with a ., such as .git but fails to hide files inside a folder that begins with ..

Recommendation

Upgrade to version 3.0.7 or later.

Published: Sep 2, 2020
Updated: Apr 14, 2023
GHSA: GHSA-vw7g-jq9m-3q9v
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
glance	-	3.0.7

https://hackerone.com/reports/490379
https://www.npmjs.com/advisories/811

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo