Azael Martin

**Name of the Vulnerable Software and Affected Versions** GE Vernova Smallworld versions prior to 5.3.5 **Description** A flaw exists in GE Vernova Smallworld on Windows and Linux systems that allows for file manipulation due to an improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' condition. **Recommendations** Update to Smallworld version 5.3.5 or later.

**Name of the Vulnerable Software and Affected Versions** GE Vernova Smallworld versions prior to 5.3.3 (Linux) GE Vernova Smallworld versions prior to 5.3.4 (Windows) **Description** An improper authentication issue exists in GE Vernova Smallworld on Windows and Linux platforms, potentially allowing authentication abuse. **Recommendations** Update GE Vernova Smallworld to version 5.3.4 or later on Windows. Update GE Vernova Smallworld to version 5.3.3 or later on Linux.