CVE-2025-28382

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-28382
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-28382.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-28382
Aliases
Published
2025-06-13T14:15:20.440Z
Modified
2026-02-13T00:39:22.609258Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue in the openc3-api/tables endpoint of OpenC3 COSMOS before 6.1.0 allows attackers to execute a directory traversal.

References

Affected packages

Git / github.com/openc3/cosmos

Affected ranges

Type
GIT
Repo
https://github.com/openc3/cosmos
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
165b29b9cdf33b7676cb3da80bf123937c09b8bc
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
fc7e11310a7cdf9f1939886e1b29009db4d4b718

Affected versions

v3.*
v3.0.0
v3.0.1
v3.1.0
v3.1.1
v3.1.2
v3.2.0
v3.2.1
v3.3.0
v3.3.1
v3.3.2
v3.3.3
v3.4.0
v3.4.1
v3.4.2
v3.5.0
v3.5.1
v3.5.2
v3.5.3
v3.6.0
v3.6.1
v3.6.2
v3.6.3
v3.7.0
v3.7.1
v3.8.0
v3.8.1
v3.8.2
v3.8.3
v3.9.0
v3.9.1
v3.9.2
v4.*
v4.0.0
v4.0.1
v4.0.2
v4.0.3
v4.1.0
v4.1.1
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.2.4
v4.3.0
v4.4.0
v4.4.1
v4.4.2
v4.5.0
v5.*
v5.0.0
v5.0.0-alpha.1
v5.0.0-beta.1
v5.0.0.beta2
v5.0.1
v5.0.10
v5.0.11
v5.0.2
v5.0.2-beta2
v5.0.3
v5.0.4
v5.0.5
v5.0.6
v5.0.7
v5.0.8
v5.0.9
v5.1.0
v5.1.1
v5.10.0
v5.10.1
v5.11.0
v5.11.1
v5.11.2
v5.11.3
v5.12.0
v5.13.0
v5.14.0
v5.14.1
v5.14.2
v5.15.0
v5.15.1
v5.15.2
v5.16.0
v5.16.1
v5.16.2
v5.17.0
v5.17.1
v5.18.0
v5.19.0
v5.2.0
v5.20.0
v5.3.0
v5.4.0
v5.4.1
v5.4.2
v5.4.3-beta0
v5.5.0
v5.5.0-beta0
v5.5.1
v5.5.2
v5.5.2-beta0
v5.6.0
v5.6.1
v5.7.0
v5.7.2
v5.8.0
v5.8.1
v5.9.0
v5.9.1
v6.*
v6.0.0
v6.0.1
v6.0.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-28382.json"