779 matches found
Mozilla: Arbitrary file read from GTK drag and drop on Linux
The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data, and GTK treating all text/plain MIMEs containing file URLs as being dragged, a website could arbitrarily read a file via a call to DataTransfer.setData...
Path Traversal
github.com/uber/kraken is vulnerable to Path Traversal. The vulnerability exists because the downloadHandler parameter in server.go does not properly sanitize the relative file paths and user inputs, allowing an attacker to write arbitrary files outside the expected directory...
Path Traversal
web-node-server is vulnerable to Path Traversal. The vulnerability is due to a lack of sanitization of relative file paths in the start function of nodeserver.js, which allows an attacker to write arbitrary files outside the expected directory...
PT-2023-19615 · Jenkins · Jenkins Visualexpert Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins visualexpert Plugin versions 1.3 and earlier. Description: The issue allows attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system, due to a lack of...
Path Traversal
github.com/whyrusleeping/tar-utils is vulnerable to Path Traversal. The vulnerability exists because the elems parameter in the Sanitize function of extractor.go does not properly sanitize the relative file paths, allowing an attacker to write arbitrary files outside the expected directory...
Remote Code Execution
git is vulnerable to Remote Code Execution (RCE). The vulnerability is due to lsfiles in lib.rb not un-escaping file paths when using eval, which allows an attacker to execute remote code...
CVE-2018-25046
A flaw was found in the cloudfoundry/archiver package. In affected versions of this package, archives containing relative file paths can cause files to be written or overwritten outside of the target directory due to improper path sanitization...
GHSA-F5C5-HMW9-V8HX Unzip vulnerable to path traversal
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
Cloud Foundry Archiver vulnerable to path traversal
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
Unzip vulnerable to path traversal
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
tar-utils Path Traversal vulnerability
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
GHSA-32QH-8VG6-9G43 Cloud Foundry Archiver vulnerable to path traversal
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
GHSA-JPF8-H7H7-3PPM tar-utils Path Traversal vulnerability
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
CVE-2020-36561
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
CVE-2018-25046
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
Input validation
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
Input validation
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
Input validation
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
CVE-2020-36566 Path traversal in github.com/whyrusleeping/tar-utils
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
CVE-2020-36561 Path traversal in github.com/yi-ge/unzip
Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...