Lucene search

CVE-2020-26312

🗓️ 14 May 2024 21:10:15Reported by GitHub_MType

Dotmesh command-line interface security issu

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Cvelist	CVE-2020-26312 GHSL-2020-254: Arbitrary file read and/or write in dotmesh	14 May 202420:22	–	cvelist
OSV	GHSA-HF54-FQ2M-P9V6 dotmesh arbitrary file read and/or write	14 May 202421:34	–	osv
OSV	GO-2024-2849 dotmesh arbitrary file read and/or write in github.com/dotmesh-io/dotmesh	5 Jun 202415:10	–	osv
RedhatCVE	CVE-2020-26312	5 Feb 202513:33	–	redhatcve
Vulnrichment	CVE-2020-26312 GHSL-2020-254: Arbitrary file read and/or write in dotmesh	14 May 202420:22	–	vulnrichment
NVD	CVE-2020-26312	14 May 202421:15	–	nvd
Github Security Blog	dotmesh arbitrary file read and/or write	14 May 202421:34	–	github
Veracode	Arbitrary File Read	14 May 202408:21	–	veracode

Vulners

Vulnrichment

Node

dotmesh-io dotmeshRange≤0.8.1

[
  {
    "defaultStatus": "unaffected",
    "packageName": "dotmesh",
    "product": "dotmesh",
    "repo": "https://github.com/dotmesh-io/dotmesh",
    "vendor": "dotmesh-io",
    "versions": [
      {
        "lessThanOrEqual": "0.8.1",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
securitylab	www.securitylab.github.com/advisories/GHSL-2020-254-zipslip-dotmesh/
github	www.github.com/dotmesh-io/dotmesh/blob/master/pkg/archiver/tar.go

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 May 2024 21:15Current

6.5Medium risk

Vulners AI Score6.5

CVSS38.1

EPSS0.00147

SSVC