Ye

#18681 of 53,630
14.4 CVSS total
Vulnerabilities · 2
Medium · 1
High · 1
PT-2023-27704
7.5
2023-09-08
Unknown · Solarview Compact · CVE-2023-40924
**Name of the Vulnerable Software and Affected Versions**
SolarView Compact versions prior to 6.00

**Description**
SolarView Compact versions prior to 6.00 are vulnerable to Directory Traversal. This allows unauthorized access to files and directories on the system. The vulnerability is due to insufficient validation of file paths.

**Recommendations**
Update SolarView Compact to version 6.00 or later.
PT-2018-13935
6.9
2018-09-18
Marshmallow Library · Marshmallow · CVE-2018-17175
**Name of the Vulnerable Software and Affected Versions**
marshmallow library versions prior to 2.15.1
marshmallow library versions 3.x prior to 3.0.0b9

**Description**
The issue arises from the schema "only" option in the marshmallow library, where an empty list is treated as if no "only" option was specified. This can lead to a request exposing all fields instead of none, under specific conditions involving dynamic filtering of the schema and user roles that produce empty values for the "only" option.

**Recommendations**
For versions prior to 2.15.1, update to version 2.15.1 or later to resolve the issue.
For versions 3.x prior to 3.0.0b9, update to version 3.0.0b9 or later to resolve the issue.