Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2023-35947
HistoryAug 08, 2023 - 10:48 p.m.

CVE-2023-35947

2023-08-0822:48:56
redhat.com
access.redhat.com
22
cve-2023-35947
gradle
tar archives
overwritten files
build modification
sensitive information

0.001 Low

EPSS

Percentile

25.3%

JSON

A flaw was found in Gradle. When unpacking Tar archives, Gradle did not check that files could be written outside the unpack location. This issue could lead to important files being overwritten anywhere the Gradle process has write permissions. This flaw allows an attacker with control of an archive’s source used by the build or capability to modify the build to interact with a malicious archive and overwrite existing archives or extract information from sensitive files.

Mitigation

There is currently no known mitigation for this issue.

Related

alpinelinux 1
github 2
osv 2
debiancve 1
ubuntucve 1
cvelist 1
cve 1
prion 1
alpinelinux
alpinelinux
CVE-2023-35947
2023-06-30 21:15:09
github
github
The architecture of SAST tools: An explainer for developers
2024-02-12 17:03:05
CodeQL team uses AI to power vulnerability detection in code
2023-09-12 16:48:44
osv
osv
CVE-2023-35947
2023-06-30 21:15:09
BIT-gradle-2023-35947
2024-03-06 10:52:56
debiancve
debiancve
CVE-2023-35947
2023-06-30 21:15:09
ubuntucve
ubuntucve
CVE-2023-35947
2023-06-30 00:00:00
cvelist
cvelist
CVE-2023-35947 Path traversal vulnerabilities in handling of Tar archives in Gradle
2023-06-30 20:18:06
cve
cve
CVE-2023-35947
2023-06-30 21:15:09
prion
prion
Path traversal
2023-06-30 21:15:00

0.001 Low

EPSS

Percentile

25.3%

JSON
Related for RH:CVE-2023-35947
alpinelinux1github2osv2debiancve1ubuntucve1cvelist1cve1prion1