6 matches found
CVE-2023-39138
An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...
CVE-2023-39138
creationtimestamp| type| source ---|---|--- 2023-08-31 02:26:00+00:00| seen| https://t.me/cibsecurity/69493...
CVE-2023-39138
An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...
CVE-2023-39138
An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...
CVE-2023-39138
An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...
CVE-2023-39138
ZIPFoundation v0.9.16 is vulnerable to a path traversal when extracting crafted ZIP archives, enabling writing outside the target directory. The issue is documented across multiple sources (GitHub GHSA- and OSV entries and CVE-2023-39138) and is triggered during extraction of crafted files, with ...