Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal attacks against custom integrations. NOTE: the vendor's perspective is that the vulnerability itself is in custom integrations written by third parties, not in Home Assistant; however, Home Assistant does have a security update that is worthwhile in addressing this situation
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-01-21T15:10:51

Updated: 2024-08-03T16:45:51.297Z

Reserved: 2021-01-15T00:00:00

Link: CVE-2021-3152

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-01-26T18:16:27.770

Modified: 2024-11-21T06:21:00.420

Link: CVE-2021-3152

cve-icon Redhat

No data.