GHSA-cf8v-5mrc-jv7f

GitHub Security Advisory

OpenC3 COSMOS Vulnerable to Directory Traversal via openc3-api/tables endpoint

✓ GitHub Reviewed HIGH Has CVE

An issue in the openc3-api/tables endpoint of OpenC3 COSMOS 6.0.0 allows attackers to execute a directory traversal.

RubyGems openc3-cosmos-tool-iframe

CVE-2025-28382

GHSA ID

GHSA-cf8v-5mrc-jv7f

Published

June 13, 2025 3:30 PM

Last Modified

June 17, 2025 7:59 PM

CVSS Score

7.5 /10

Primary Ecosystem

RubyGems

Primary Package

openc3-cosmos-tool-iframe

GitHub Reviewed

✓ Yes

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.