Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-35852HistoryJun 19, 2023 - 4:15 a.m.
CVE-2023-35852
2023-06-1904:15:11
Alpine Linux Development Team
security.alpinelinux.org
8
suricata
directory traversal
security fix
filesystem access
0.001 Low
EPSS
Percentile
32.0%
In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring allow-absolute-filenames and allow-write (in the datasets rules configuration section) if an installation requires traversal/writing in this situation.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.18-community | noarch | suricata | < 6.0.15-r0 | UNKNOWN |
Related
cvelist
cvelist
CVE-2023-35852
2023-06-19 00:00:00
prion
prion
Directory traversal
2023-06-19 04:15:00
veracode
veracode
Directory Traversal
2023-07-22 17:28:09
ubuntucve
ubuntucve
CVE-2023-35852
2023-06-19 00:00:00
cve
cve
CVE-2023-35852
2023-06-19 04:15:11
debiancve
debiancve
CVE-2023-35852
2023-06-19 04:15:11
osv
osv
CVE-2023-35852
2023-06-19 04:15:11
rosalinux
rosalinux
Advisory ROSA-SA-2023-2305
2023-12-12 12:21:49
Advisory ROSA-SA-2024-2360
2024-02-27 09:06:58
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0468
2023-09-09 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0091
2023-09-09 00:00:00