Lucene search
K

1647 matches found

RedHat Linux
RedHat Linux
added 2022/06/07 8:24 a.m.1 views

nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an...

8.6CVSS7.4AI score0.0185EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/06/06 9:29 a.m.3 views

nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on...

8.6CVSS7.4AI score0.03286EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/06/06 9:29 a.m.2 views

nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an...

8.6CVSS7.4AI score0.0185EPSS
Exploits0References6
OSV
OSV
added 2022/05/24 5:2 p.m.7 views

GHSA-3MRP-QHCJ-MWV5 Duplicate Advisory: Node CLI Allows Arbitrary File Overwrite

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6cpc-mj5c-m9rq. This link is maintained to preserve external references. Original Description An issue exists in node-cli 0.1.0 through 0.11.3 due to predictable temporary file names in lockfile and logfile, whi...

3.5CVSS3.6AI score0.00992EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/05/24 5:2 p.m.33 views

Duplicate Advisory: Node CLI Allows Arbitrary File Overwrite

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6cpc-mj5c-m9rq. This link is maintained to preserve external references. Original Description An issue exists in node-cli 0.1.0 through 0.11.3 due to predictable temporary file names in lockfile and logfile, whi...

3.8AI score
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/18 12:0 a.m.3 views

The vulnerability in Node.js’s Node-tar module for processing tar archives stems from a flaw in the pathname limitation of the directory handling mechanism. This allows attackers to create, overwrite arbitrary files, and execute arbitrary code.

The vulnerability of the Node.js module for processing tar archives with the Node-tar package is related to deficiencies in pathname restrictions for directories. Exploiting this vulnerability allows an attacker to create, overwrite arbitrary files, and execute arbitrary code using a specially...

8.6CVSS7.2AI score0.0185EPSS
Exploits0References10Affected Software9
OSV
OSV
added 2022/05/17 3:23 p.m.4 views

CLSA-2022-1652801011 Fix CVE(s): CVE-2022-1271

SECURITY UPDATE: arbitrary file overwrite or code execution with crafted file names - debian/patches/CVE-2022-1271.patch: fix escaping of malicious filenames in src/scripts/xzgrep.in. - CVE-2022-1271...

8.8CVSS7.3AI score0.04062EPSS
Exploits0References1
OSV
OSV
added 2022/05/17 1:44 a.m.27 views

GHSA-XC4G-7VW8-924H Arbitrary file overwrite in OpenStack Nova

virt/disk/api.py in OpenStack Compute Nova 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...

7.1CVSS5.9AI score0.01933EPSS
Exploits1References11
Github Security Blog
Github Security Blog
added 2022/05/17 1:44 a.m.28 views

Arbitrary file overwrite in OpenStack Nova

virt/disk/api.py in OpenStack Compute Nova 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...

4.9CVSS5.9AI score0.01933EPSS
Exploits1References11Affected Software1
OSV
OSV
added 2022/05/17 1:27 a.m.14 views

GHSA-7372-Q459-JXHR pyxdg Arbitrary File Overwrite via Race Condition

Race condition in the xdg.BaseDirectory.getruntimedir function in pyxdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the...

3.3CVSS5.8AI score0.00315EPSS
Exploits0References9
OSV
OSV
added 2022/05/14 3:49 a.m.23 views

GHSA-28XP-G7F6-7MHF Syncthing vulnerable to symlink traversal and arbitrary file overwrite

Syncthing version 0.14.33 and older erronously versions symlinks when they are deleted. If a directory is then created with the same name, a file created in that directory, and the file deleted, it is moved into the symlink target. This can lead to symlink traversal resulting in arbitrary file...

7.5CVSS7.4AI score0.01509EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/14 3:49 a.m.27 views

Syncthing vulnerable to symlink traversal and arbitrary file overwrite

Syncthing version 0.14.33 and older erronously versions symlinks when they are deleted. If a directory is then created with the same name, a file created in that directory, and the file deleted, it is moved into the symlink target. This can lead to symlink traversal resulting in arbitrary file...

7.5CVSS7.3AI score0.01509EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/14 2:3 a.m.22 views

GHSA-PCQV-C46V-2P4V Ansible Arbitrary File Overwrite Vulnerability

lib/ansible/playbook/init.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/...

6.9CVSS7.1AI score0.00329EPSS
Exploits0References9
OSV
OSV
added 2022/05/14 12:56 a.m.16 views

GHSA-MPMX-GM5V-Q789 Puppet uses predictable filenames, allowing arbitrary file overwrite

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files...

6.2CVSS6AI score0.00338EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2022/05/14 12:56 a.m.16 views

Puppet uses predictable filenames, allowing arbitrary file overwrite

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files...

6.2CVSS6.6AI score0.00338EPSS
Exploits0References13Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 12:56 a.m.24 views

Puppet arbitrary file overwrite

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file...

6.3CVSS6.4AI score0.00341EPSS
Exploits0References13Affected Software1
RubySec
RubySec
added 2022/05/14 12:0 a.m.17 views

Puppet arbitrary file overwrite

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file...

6.3CVSS7.1AI score0.00341EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2022/05/13 1:10 a.m.3 views

Directory Traversal

Overview mixlib-archive is a simple interface to various archive formats Affected versions of this package are vulnerable to Directory Traversal allowing attackers to overwrite arbitrary files by supplying a filename for a tar archive involving ... Details A Directory Traversal attack also known ...

7.5CVSS7.6AI score0.019EPSS
Exploits0References2
CNVD
CNVD
added 2022/04/15 12:0 a.m.9 views

RiteCMS arbitrary file overwrite vulnerability

RiteCMS is a web CMS. An arbitrary file overwrite vulnerability exists in RiteCMS versions 3.1.0 and below, which stems from the failure of a web system or product to properly filter special elements in a resource or file path, and can be exploited by an authenticated attacker to overwrite any fi...

8.5CVSS5AI score0.03892EPSS
Exploits1References1
OSV
OSV
added 2022/04/13 2:47 p.m.1 views

USN-5378-3 xz-utils vulnerability

USN-5378-2 fixed a vulnerability in XZ Utils. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep...

8.8CVSS6.9AI score0.04062EPSS
Exploits0References2
Rows per page
Query Builder