GSA_kwCzR0hTQS1oNGM5LXJyNW0tMzJmbc4AAyfx

High EPSS: 0.00066% (0.20932 Percentile) EPSS:

Permalink JSON

RuoYi vulnerable to arbitrary file download

Affected Packages	Affected Versions	Fixed Versions
maven:com.ruoyi:ruoyi	< 4.7.7	4.7.7

An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server.

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-27025
https://gitee.com/y_project/RuoYi/commit/432d5ce1be2e9384a6230d7ccd8401eef5ce02b0
https://gitee.com/y_project/RuoYi/issues/I697Q5
https://github.com/advisories/GHSA-h4c9-rr5m-32fm

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories

GSA_kwCzR0hTQS1oNGM5LXJyNW0tMzJmbc4AAyfx

RuoYi vulnerable to arbitrary file download

Identifiers

Risk

Severity

EPSS

Classification

Source

Origin

Date and time

Published

Updated

API