What the vulnerability does

01Description

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution.

Key dates

02Disclosure timeline

May 9, 2023 CVE published
January 28, 2025 Record updated