Ye

Name of the Vulnerable Software and Affected Versions SolarView Compact versions prior to 6.00 Description SolarView Compact versions prior to 6.00 are vulnerable to Directory Traversal. This allows unauthorized access to files and directories on the system. The vulnerability is due to insufficient validation of file paths. Recommendations Update SolarView Compact to version 6.00 or later.

**Name of the Vulnerable Software and Affected Versions** marshmallow library versions prior to 2.15.1 marshmallow library versions 3.x prior to 3.0.0b9 **Description** The issue arises from the schema "only" option in the marshmallow library, where an empty list is treated as if no "only" option was specified. This can lead to a request exposing all fields instead of none, under specific conditions involving dynamic filtering of the schema and user roles that produce empty values for the "only" option. **Recommendations** For versions prior to 2.15.1, update to version 2.15.1 or later to resolve the issue. For versions 3.x prior to 3.0.0b9, update to version 3.0.0b9 or later to resolve the issue.