Iodine Static File Server Path Traversal Vulnerability
Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs.
Affected products
iodine
- <0.7.33
Matching in nixpkgs
pkgs.networkmanager-iodine
NetworkManager's iodine plugin
-
nixos-unstable -
- nixpkgs-unstable 1.2.0-unstable-2025-09-06
Package maintainers
-
@jtojnar Jan Tojnar <jtojnar@gmail.com>
-
@obadz obadz <obadz-nixos@obadz.com>