Description
spring-boot-actuator-logview is a library that exposes a log file directory via admin (spring boot actuator) HTTP endpoints. Both the filename to view and a base folder (relative to the logging folder root) can be specified via request parameters. While the filename parameter was checked to prevent directory traversal exploits (so that filename=../somefile would not work), the base folder parameter was not sufficiently checked, so that filename=somefile&base=../ could access a file outside the logging base directory).
Remediation
The vulnerability has been patched in release 0.2.13. Any users of 0.2.12 should be able to update without any issues as there are no other changes in that release.
References
Related Vulnerabilities
Python object deserialization of user-supplied data
WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.3)
WordPress Plugin Fusion Engage Local File Disclosure (1.0.5)
WordPress Plugin WP Background Takeover Directory Traversal (4.1.4)
WordPress Plugin WP-Lister Lite for Amazon Directory Traversal (0.9.6.35)