What is GHSA-v45h-mqf4-6939?

GHSA-v45h-mqf4-6939 is a security advisory published by GitHub Security Advisories with High severity. Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users...

Which CVE IDs does GHSA-v45h-mqf4-6939 cover?

GHSA-v45h-mqf4-6939 covers the following CVE IDs: CVE-2025-48977. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-v45h-mqf4-6939?

GHSA-v45h-mqf4-6939 has a CVSS v3 base score of 6.5, published by GitHub Security Advisories.

GHSA-v45h-mqf4-6939HighCVSS 6.5

Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users...

Vendor

GitHub Security Advisories

Published

May 28, 2026

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2025-48977 →

📋 Description

Relative Path Traversal vulnerability in Apache Ignite REST API.

Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This issue affects Apache Ignite: from 2.0.0 through 2.17.0.

Users are recommended to upgrade to version 2.18.0, which fixes the issue.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2025-48977
https://lists.apache.org/thread/hgct6918sowd8l58yjohryhpxx81t4n1
http://www.openwall.com/lists/oss-security/2026/05/28/3
https://github.com/advisories/GHSA-v45h-mqf4-6939