CVE-2024-38816

Path traversal vulnerability in functional web frameworks

FALSE POSITIVE

Rundeck and Runbook Automation are not vulnerable to this CVE.

Rundeck is not vulnerable to CVE-2024-38816 because it uses Jetty. The CVE does not affect applications running on Tomcat or Jetty as described in the finding.