CVE-2023-35844

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-35844
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-35844.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-35844
Published
2023-06-19T02:15:08.903Z
Modified
2026-04-10T05:01:38.108968Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension (.csv or .png) is used.

References

Affected packages

Git / github.com/lightdash/lightdash

Affected ranges

Type
GIT
Repo
https://github.com/lightdash/lightdash
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
17bbbe65e633856fdd06f5cf327b1a144ad63951
Fixed
fcc808c84c2cc3afb343063e32a49440d32a553c
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.510.3"
        }
    ]
}

Affected versions

0.*
0.1.0
0.1.1
0.1.2
0.1.3
0.10.0
0.10.1
0.10.2
0.10.3
0.10.4
0.10.5
0.10.6
0.10.7
0.10.8
0.100.0
0.100.1
0.100.2
0.101.0
0.101.1
0.102.0
0.103.0
0.103.1
0.104.0
0.104.1
0.104.2
0.104.3
0.105.0
0.105.1
0.105.2
0.106.0
0.106.1
0.106.2
0.107.0
0.108.0
0.108.1
0.108.2
0.109.0
0.109.1
0.109.2
0.109.3
0.109.4
0.109.5
0.109.6
0.11.0
0.11.1
0.11.10
0.11.11
0.11.2
0.11.3
0.11.4
0.11.5
0.11.6
0.11.7
0.11.8
0.11.9
0.110.0
0.110.1
0.111.0
0.112.0
0.113.0
0.113.1
0.114.0
0.115.0
0.115.1
0.115.2
0.116.0
0.117.0
0.118.0
0.118.1
0.119.0
0.119.1
0.119.2
0.119.3
0.12.0
0.12.1
0.120.0
0.120.1
0.121.0
0.122.0
0.123.0
0.124.0
0.124.1
0.125.0
0.126.0
0.126.1
0.126.2
0.126.3
0.127.0
0.128.0
0.129.0
0.129.1
0.129.2
0.13.0
0.130.0
0.130.1
0.130.2
0.131.0
0.131.1
0.132.0
0.132.1
0.132.2
0.132.3
0.132.4
0.133.0
0.134.0
0.134.1
0.134.10
0.134.11
0.134.2
0.134.3
0.134.4
0.134.5
0.134.6
0.134.7
0.134.8
0.134.9
0.135.0
0.135.1
0.136.0
0.137.0
0.137.1
0.138.0
0.138.1
0.139.0
0.139.1
0.14.0
0.140.0
0.141.0
0.141.1
0.142.0
0.143.0
0.144.0
0.144.1
0.144.2
0.144.3
0.144.4
0.144.5
0.144.6
0.145.0
0.146.0
0.147.0
0.147.1
0.148.0
0.148.1
0.148.2
0.149.0
0.15.0
0.150.0
0.150.1
0.150.2
0.150.3
0.150.4
0.151.0
0.152.0
0.153.0
0.153.1
0.153.2
0.154.0
0.155.0
0.156.0
0.157.0
0.157.1
0.157.2
0.158.0
0.158.1
0.159.0
0.16.0
0.160.0
0.160.1
0.160.2
0.161.0
0.162.0
0.162.1
0.162.2
0.163.0
0.164.0
0.164.1
0.164.2
0.164.3
0.164.4
0.164.5
0.165.0
0.165.1
0.165.2
0.165.3
0.165.4
0.165.5
0.166.0
0.167.0
0.167.1
0.168.0
0.169.0
0.17.0
0.17.1
0.170.0
0.170.1
0.170.2
0.171.0
0.171.1
0.171.2
0.171.3
0.171.4
0.171.5
0.172.0
0.172.1
0.173.0
0.174.0
0.175.0
0.176.0
0.176.1
0.177.0
0.178.0
0.178.1
0.179.0
0.18.0
0.18.1
0.18.2
0.18.3
0.180.0
0.180.1
0.181.0
0.181.1
0.181.2
0.181.3
0.181.4
0.181.5
0.181.6
0.182.0
0.183.0
0.184.0
0.184.1
0.185.0
0.185.1
0.186.0
0.186.1
0.187.0
0.187.1
0.188.0
0.189.0
0.19.0
0.19.1
0.19.2
0.19.3
0.19.4
0.190.0
0.190.1
0.191.0
0.191.1
0.191.2
0.192.0
0.193.0
0.194.0
0.194.1
0.194.2
0.194.3
0.195.0
0.196.0
0.197.0
0.197.1
0.197.2
0.198.0
0.199.0
0.2.0
0.2.1
0.2.3
0.2.4
0.2.5
0.2.6
0.2.7
0.20.0
0.20.1
0.20.2
0.200.0
0.201.0
0.202.0
0.202.1
0.202.2
0.203.0
0.204.0
0.204.1
0.205.0
0.205.1
0.205.2
0.206.0
0.207.0
0.208.0
0.208.1
0.209.0
0.209.1
0.209.2
0.209.3
0.209.4
0.209.5
0.21.0
0.210.0
0.211.0
0.211.1
0.212.0
0.212.1
0.213.0
0.214.0
0.215.0
0.216.0
0.216.1
0.216.2
0.217.0
0.218.0
0.219.0
0.22.0
0.220.0
0.221.0
0.221.1
0.221.2
0.222.0
0.222.1
0.223.0
0.224.0
0.225.0
0.225.1
0.226.0
0.226.1
0.226.2
0.227.0
0.228.0
0.229.0
0.229.1
0.229.2
0.23.0
0.230.0
0.231.0
0.231.1
0.231.2
0.232.0
0.233.0
0.233.1
0.234.0
0.235.0
0.235.1
0.235.2
0.235.3
0.236.0
0.236.1
0.237.0
0.238.0
0.238.1
0.239.0
0.24.0
0.24.1
0.240.0
0.241.0
0.241.1
0.241.2
0.241.3
0.241.4
0.241.5
0.242.0
0.243.0
0.244.0
0.245.0
0.246.0
0.247.0
0.247.1
0.248.0
0.248.1
0.248.2
0.249.0
0.25.0
0.250.0
0.251.0
0.251.1
0.251.2
0.252.0
0.252.1
0.252.2
0.253.0
0.254.0
0.255.0
0.256.0
0.256.1
0.256.2
0.257.0
0.257.1
0.258.0
0.258.1
0.259.0
0.26.0
0.260.0
0.260.1
0.260.2
0.261.0
0.262.0
0.262.1
0.262.2
0.263.0
0.263.1
0.264.0
0.264.1
0.265.0
0.266.0
0.266.1
0.267.0
0.267.1
0.268.0
0.269.0
0.27.0
0.27.1
0.27.2
0.27.3
0.270.0
0.271.0
0.271.1
0.272.0
0.272.1
0.273.0
0.274.0
0.275.0
0.276.0
0.277.0
0.277.1
0.277.2
0.277.3
0.278.0
0.278.1
0.279.0
0.279.1
0.28.0
0.28.1
0.28.2
0.280.0
0.280.1
0.280.2
0.281.0
0.281.1
0.281.2
0.282.0
0.283.0
0.284.0
0.284.1
0.284.2
0.285.0
0.285.1
0.286.0
0.287.0
0.287.1
0.287.2
0.287.3
0.287.4
0.287.5
0.288.0
0.289.0
0.29.0
0.29.1
0.29.2
0.29.3
0.29.4
0.290.0
0.290.1
0.291.0
0.291.1
0.291.2
0.292.0
0.292.1
0.293.0
0.294.0
0.295.0
0.295.1
0.296.0
0.297.0
0.298.0
0.298.1
0.299.0
0.3.0
0.3.1
0.3.2
0.30.0
0.30.1
0.30.2
0.30.3
0.30.4
0.300.0
0.301.0
0.301.1
0.302.0
0.302.1
0.303.0
0.303.1
0.303.2
0.303.3
0.304.0
0.305.0
0.305.1
0.305.2
0.306.0
0.307.0
0.307.1
0.308.0
0.309.0
0.309.1
0.31.0
0.31.1
0.31.2
0.31.3
0.31.4
0.31.5
0.31.6
0.310.0
0.311.0
0.312.0
0.312.1
0.312.2
0.313.0
0.313.1
0.313.2
0.313.3
0.313.4
0.314.0
0.315.0
0.315.1
0.316.0
0.317.0
0.317.1
0.317.2
0.317.3
0.318.0
0.319.0
0.319.1
0.32.0
0.32.1
0.32.2
0.32.3
0.32.4
0.320.0
0.320.1
0.320.2
0.320.3
0.321.0
0.321.1
0.322.0
0.322.1
0.323.0
0.323.1
0.324.0
0.325.0
0.326.0
0.327.0
0.327.1
0.327.2
0.328.0
0.329.0
0.329.1
0.33.0
0.33.1
0.33.2
0.33.3
0.33.4
0.330.0
0.331.0
0.332.0
0.333.0
0.334.0
0.335.0
0.335.1
0.336.0
0.336.1
0.337.0
0.338.0
0.339.0
0.34.0
0.34.1
0.340.0
0.340.1
0.341.0
0.341.1
0.342.0
0.343.0
0.343.1
0.343.3
0.344.0
0.344.1
0.345.0
0.346.0
0.346.1
0.347.0
0.347.1
0.348.0
0.349.0
0.349.1
0.35.0
0.350.0
0.350.1
0.350.2
0.350.3
0.350.4
0.350.5
0.351.0
0.352.0
0.352.1
0.352.2
0.352.3
0.352.4
0.353.0
0.353.1
0.354.0
0.355.0
0.356.0
0.357.0
0.357.1
0.358.0
0.359.0
0.36.0
0.36.1
0.360.0
0.361.0
0.361.1
0.361.2
0.362.0
0.363.0
0.363.1
0.364.0
0.364.1
0.365.0
0.365.1
0.366.0
0.366.1
0.366.2
0.367.0
0.368.0
0.369.0
0.37.0
0.370.0
0.370.1
0.370.2
0.370.3
0.370.4
0.371.0
0.371.1
0.372.0
0.373.0
0.373.1
0.373.2
0.374.0
0.375.0
0.375.1
0.375.2
0.375.3
0.376.0
0.377.0
0.377.1
0.378.0
0.379.0
0.38.0
0.38.1
0.380.0
0.381.0
0.382.0
0.383.0
0.384.0
0.384.1
0.384.2
0.385.0
0.385.1
0.386.0
0.387.0
0.387.1
0.387.2
0.388.0
0.388.1
0.388.2
0.388.3
0.389.0
0.389.1
0.39.0
0.390.0
0.391.0
0.392.0
0.393.0
0.394.0
0.395.0
0.395.1
0.395.2
0.396.0
0.396.1
0.397.0
0.398.0
0.398.1
0.399.0
0.399.1
0.4.0
0.40.0
0.400.0
0.400.1
0.401.0
0.402.0
0.402.1
0.402.2
0.402.3
0.403.0
0.403.1
0.403.2
0.403.3
0.404.0
0.404.1
0.405.0
0.405.1
0.406.0
0.407.0
0.407.1
0.407.2
0.407.3
0.407.4
0.407.5
0.407.6
0.407.7
0.407.8
0.408.0
0.408.1
0.408.2
0.408.3
0.408.4
0.409.0
0.409.1
0.41.0
0.410.0
0.411.0
0.411.1
0.411.2
0.411.3
0.412.0
0.413.0
0.413.1
0.414.0
0.415.0
0.416.0
0.416.1
0.417.0
0.417.1
0.417.2
0.417.3
0.418.0
0.418.1
0.419.0
0.42.0
0.420.0
0.420.1
0.421.0
0.421.1
0.422.0
0.423.0
0.424.0
0.425.0
0.426.0
0.426.1
0.426.2
0.426.3
0.426.4
0.426.5
0.427.0
0.428.0
0.429.0
0.43.0
0.43.1
0.43.2
0.43.3
0.430.0
0.431.0
0.431.1
0.431.2
0.432.0
0.432.1
0.432.2
0.432.3
0.432.4
0.433.0
0.433.1
0.433.2
0.433.3
0.433.4
0.433.5
0.433.6
0.433.7
0.433.8
0.434.0
0.435.0
0.435.1
0.435.2
0.436.0
0.436.1
0.436.2
0.436.3
0.436.4
0.436.5
0.437.0
0.437.1
0.438.0
0.439.0
0.439.1
0.439.2
0.44.0
0.440.0
0.441.0
0.442.0
0.442.1
0.443.0
0.443.1
0.444.0
0.445.0
0.445.1
0.446.0
0.447.0
0.448.0
0.448.1
0.448.2
0.449.0
0.45.0
0.45.1
0.450.0
0.451.0
0.452.0
0.453.0
0.454.0
0.454.1
0.455.0
0.456.0
0.456.1
0.457.0
0.457.1
0.457.2
0.458.0
0.459.0
0.459.1
0.459.2
0.46.0
0.46.1
0.46.2
0.46.3
0.46.4
0.46.5
0.46.6
0.460.0
0.460.1
0.461.0
0.462.0
0.463.0
0.463.1
0.463.2
0.463.3
0.464.0
0.465.0
0.465.1
0.465.2
0.466.0
0.466.1
0.467.0
0.468.0
0.469.0
0.47.0
0.47.1
0.470.0
0.471.0
0.472.0
0.473.0
0.474.0
0.475.0
0.475.1
0.476.0
0.476.1
0.476.2
0.477.0
0.477.1
0.478.0
0.479.0
0.48.0
0.480.0
0.481.0
0.482.0
0.483.0
0.484.0
0.485.0
0.486.0
0.487.0
0.488.0
0.489.0
0.489.1
0.49.0
0.49.1
0.490.0
0.491.0
0.492.0
0.493.0
0.494.0
0.495.0
0.495.1
0.496.0
0.497.0
0.498.0
0.498.1
0.498.2
0.498.3
0.499.0
0.499.1
0.5.0
0.50.0
0.500.0
0.500.1
0.500.2
0.501.0
0.502.0
0.502.1
0.503.0
0.504.0
0.504.1
0.505.0
0.505.1
0.505.2
0.505.3
0.505.4
0.505.5
0.505.6
0.505.7
0.506.0
0.506.1
0.506.2
0.506.3
0.506.4
0.506.5
0.506.6
0.506.7
0.507.0
0.507.1
0.508.0
0.509.0
0.509.1
0.509.2
0.509.3
0.51.0
0.51.1
0.510.0
0.510.1
0.510.2
0.52.0
0.53.0
0.54.0
0.54.1
0.54.2
0.55.0
0.55.1
0.56.0
0.57.0
0.57.1
0.57.2
0.58.0
0.58.1
0.59.0
0.6.0
0.6.1
0.6.2
0.6.3
0.6.4
0.6.5
0.6.6
0.60.0
0.61.0
0.62.0
0.63.0
0.63.1
0.63.2
0.64.0
0.65.0
0.66.0
0.67.0
0.68.0
0.68.1
0.68.2
0.69.0
0.7.0
0.7.1
0.70.0
0.71.0
0.71.1
0.71.2
0.71.3
0.71.4
0.71.5
0.71.6
0.71.7
0.72.0
0.73.0
0.74.0
0.74.1
0.74.2
0.75.0
0.75.1
0.75.2
0.75.3
0.76.0
0.77.0
0.77.1
0.78.0
0.78.1
0.79.0
0.8.0
0.8.1
0.8.2
0.8.3
0.80.0
0.81.0
0.82.0
0.82.1
0.82.2
0.82.3
0.82.4
0.83.0
0.84.0
0.84.1
0.84.10
0.84.2
0.84.3
0.84.4
0.84.5
0.84.6
0.84.7
0.84.8
0.84.9
0.85.0
0.85.1
0.86.0
0.86.1
0.87.0
0.87.1
0.88.0
0.89.0
0.9.0
0.9.1
0.9.2
0.9.3
0.9.4
0.90.0
0.90.1
0.91.0
0.91.1
0.91.2
0.91.3
0.91.4
0.91.5
0.91.6
0.91.7
0.92.0
0.92.1
0.93.0
0.93.1
0.93.2
0.93.3
0.93.4
0.93.5
0.94.0
0.94.1
0.94.2
0.94.3
0.95.0
0.95.1
0.95.2
0.95.3
0.95.4
0.95.5
0.95.6
0.96.0
0.96.1
0.96.2
0.96.3
0.97.0
0.97.1
0.98.0
0.99.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-35844.json"