GaussDB 200 with version of 6.5.1 have a path traversal vulnerability. Due to insufficient input path validation, an authenticated attacker can traverse directories and download files to a specific directory. Successful exploit may cause information leakage.
[
{
"product": "GaussDB 200",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "6.5.1"
}
]
}
]