CVE-2025-6283

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-6283

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-6283.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-6283

Published

2025-06-19T23:15:21Z

Modified

2025-06-26T21:05:20.866593Z

Summary

[none]

Details

A vulnerability was found in xataio Xata Agent up to 0.3.0. It has been classified as problematic. This affects the function GET of the file apps/dbagent/src/app/api/evals/route.ts. The manipulation of the argument passed leads to path traversal. Upgrading to version 0.3.1 is able to address this issue. The patch is named 03f27055e0cf5d4fa7e874d34ce8c74c7b9086cc. It is recommended to upgrade the affected component.

References

Affected packages

Git / github.com/xataio/agent

Affected ranges

Type: GIT
Repo: https://github.com/xataio/agent
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

03f27055e0cf5d4fa7e874d34ce8c74c7b9086cc

Fixed

19c6220d20c378ef6e504e20407c4bffcb131edf

Affected versions

v0.*

v0.1.2

v0.2.0

v0.2.1

v0.2.2

v0.3.0