Advisory #44
| Title | transfer.sh arbitrary file deletion via path traversal |
| CVE ID | CVE-2021-33497 |
| Vendor | Dutchcoders |
| Affected product | transfer.sh |
| Affected versions | - 1.2.3 |
| Vulnerability type | CWE-22 (Path Traversal) |
| Description | transfer.sh has a vulnerability that allows an attacker to delete arbitrary file on the system via path traversal. |
| Status | Fixed in 1.2.4 |
| Recommendation | Update to 1.2.4 or above. |