VDB
KO
CRITICAL 9.1

PYSEC-2025-257

Details

An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS before 6.1.0 allows attackers to execute a directory traversal.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / openc3
Introduced in: 0

No fixed version published yet for openc3 (pip). Pin to a known-safe version or switch to an alternative.

References