Friday, February 14, 2025

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library

Home
Security Creators Network
Webinars
Events
- Upcoming Events
- On-Demand Events
Sponsored Content
Chat
Library
Related Sites
Media Kit
About
Sponsor

Analytics
AppSec
CISO
Cloud
DevOps
GRC
Identity
Incident Response
IoT / ICS
Threats / Breaches
More
Humor

Security Bloggers Network

Home » Security Bloggers Network » Contrast Security discovers Netflix OSS Genie application path traversal vulnerability that can lead to RCE during file upload

Contrast Security discovers Netflix OSS Genie application path traversal vulnerability that can lead to RCE during file upload

by Joseph Beeton, Senior Application Security Researcher, Contrast Security on May 22, 2024

Contrast Security discovers Netflix OSS Genie application path traversal vulnerability that can lead to RCE during file upload

Genie is a federated big data orchestration and execution engine developed and open sourced by Netflix.

*** This is a Security Bloggers Network syndicated blog from AppSec Observer authored by Joseph Beeton, Senior Application Security Researcher, Contrast Security. Read the original post at: https://www.contrastsecurity.com/security-influencers/contrast-security-discovers-netflix-oss-genie-application-path-traversal-vulnerability-that-can-lead-to-rce-during-file-upload

Techstrong Gang Youtube

AWS Hub

May 22, 2024May 22, 2024 Joseph Beeton, Senior Application Security Researcher, Contrast Security Contrast Assess, Contrast Protect, Directory Traversal, Genie, netflix, path traversal, vulnerability

← Leading with Value, Not Just Technology in Digital Product Development
Orchestration Kitchen Workshop with CyberArk: Modernizing Identity for Legacy Apps →

Techstrong TV

Click full-screen to enable volume control

Watch latest episodes and shows

Tech Field Day Extra at Cisco Live EMEA

Upcoming Webinars

Full Content Inspection: The New Standard for Network Security

The 2025 Guide to Open Source Security and Risk

Modern App Development in the Cloud Era: Balancing Innovation, Efficiency, and Cost

AI and Machine Learning in Security

Master Kubernetes: Achieve runtime visibility, security, and compliance across your stack

Podcast

Listen to all of our podcasts

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

Most Read on the Boulevard

Chinese DeepSeek AI App: FULL of Security Holes Say Researchers

Attackers Use 2.8 Million Devices in Major Brute Force Attack

API Gateway Security Needs a Stronger Zero-Trust Strategy

Hey, UK, Get Off of My Cloud

The Current State of the CISO with Nick Kakolowski

Careers in Cybersecurity: Myths and Realities with Kathleen Smith

The Art of Human-AI Synergy: A Framework for Smart Collaboration

Stay Relaxed with Top-Notch API Security

Phishing Season 2025: The Latest Predictions Unveiled

Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)

Industry Spotlight

Careers Cloud Security Cybersecurity Data Security Endpoint Featured Industry Spotlight Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight

Sophos Sheds 6% of Employees After Closing Secureworks Deal

February 13, 2025 Jeffrey Burt | Yesterday 0

Application Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security DevOps Endpoint Governance, Risk & Compliance Humor Industry Spotlight Malware Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches Vulnerabilities

Chinese DeepSeek AI App: FULL of Security Holes Say Researchers

February 10, 2025 Richi Jennings | 3 days ago 0

Analytics & Intelligence Cyberlaw Cybersecurity Data Privacy Data Security DevOps Featured Governance, Risk & Compliance Humor Identity & Access Incident Response Industry Spotlight Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches

FINALLY! FCC Gets Tough on Robocall Fraud

February 7, 2025 Richi Jennings | Feb 07 0

Top Stories

Cybersecurity Featured News Social - Facebook Social - LinkedIn Social - X Spotlight

Grip Security Adds SaaS Security Posture Management Offering

February 13, 2025 Michael Vizard | Yesterday 0

Cloud Security Cybersecurity Featured News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight

Palo Alto Networks Unifies Cloud Security Portfolio

February 13, 2025 Michael Vizard | Yesterday 0

Cloud Security Cyberlaw Cybersecurity Data Security Featured Incident Response Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Threats & Breaches

Lines Between Nation-State and Cybercrime Groups Disappearing: Google

February 13, 2025 Jeffrey Burt | Yesterday 0

Security Humor

Daniel Stori's Turnoff.US: ‘git submodules adoption flows’

Daniel Stori’s Turnoff.US: ‘git submodules adoption flows’

Download Free eBook

Managing the AppSec Toolstack

Join the Community

Add your blog to Security Creators Network
Write for Security Boulevard
Bloggers Meetup and Awards
Ask a Question
Email: [email protected]

Useful Links

About
Media Kit
Sponsor Info
Copyright
TOS
DMCA Compliance Statement
Privacy Policy

Related Sites

Techstrong Group
Cloud Native Now
DevOps.com
Digital CxO
Techstrong Research
Techstrong TV
Techstrong.tv Podcast
DevOps Chat
DevOps Dozen
DevOps TV

Powered by Techstrong Group

Copyright © 2025 Techstrong Group Inc. All rights reserved.