Product:

Venice

(Venice_project)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 1
Date Id Summary Products Score Patch Annotated
2022-08-15 CVE-2022-36007 Venice is a Clojure inspired sandboxed Lisp dialect with excellent Java interoperability. A partial path traversal issue exists within the functions `load-file` and `load-resource`. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the load paths: `[ "/Users/foo/resources" ]` When passing **relative** paths to these two vulnerable functions everything is fine: `(load-resource "test.png")` => loads the file... Venice 3.3