4 matches found
Security Bulletin: For IBM Cloudpak for Watson AIOPS 3.5.1
Summary This SB contains a list for all CVE's listed here - CVE-2022-36083, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2021-21797, CVE-2022-35941, CVE-2021-42248, CVE-2021-42836, CVE-2022-40186, CVE-2022-41316, CVE-2021-36090, CVE-2020-29529, CVE-2020-7219 fixed in 3.5.1 Vulnerability...
CVE-2020-29529
creationtimestamp| type| source ---|---|--- 2020-12-03 22:26:30+00:00| seen| https://t.me/cibsecurity/17129...
CVE-2020-29529
CVE-2020-29529 affects HashiCorp go-slug up to 0.4.3, where directory traversal during tar unpacking could be bypassed via multiple symlinks. Root cause: insufficient protection when unpacking archives. Impact: potential exposure of restricted files; not fully protected. Fix: upstream in 0.5.0. R...
CVE-2020-29529
HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0...