CVE-2025-48977
ADVISORY - githubSummary
Relative Path Traversal vulnerability in Apache Ignite REST API.
Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This issue affects Apache Ignite: from 2.0.0 through 2.17.0.
Users are recommended to upgrade to version 2.18.0, which fixes the issue.
EPSS Score: 0.00526 (0.406)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Relative Path Traversal
ADVISORY - github
Relative Path Traversal
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in