GO-2025-3967 esm.sh has arbitrary file write via path traversal in `X-Zone-Id` header in github.com/esm-dev/esm.sh
esm.sh has arbitrary file write via path traversal in X-Zone-Id header in github.com/esm-dev/esm.sh...
GO-2025-3971 DragonFly vulnerable to arbitrary file read and write on a peer machine in d7y.io/dragonfly
DragonFly vulnerable to arbitrary file read and write on a peer machine in d7y.io/dragonfly...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the Entry::unpack_in_raw API and the Entry::allow_external_symlinks control, which defaults to true. An attacker can write files outside the intended extraction directory and perform an arbitrary file write which can...
CVE-2025-59825
astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory when using the Entry::unpack_in_raw API. Additionally, the Entry::allow_external_symlinks control which...
CVE-2025-59825
CVE-2025-59825 affects astral-tokio-tar (Rust) up to v0.5.3: tar extraction can escape the target dir via Entry::unpack_in_raw and via a symlink pair that bypasses allow_external_symlinks, potentially enabling arbitrary file writes and code execution. The issue is fixed in v0.5.4; upgrading is re...
GHSA-3WGQ-WRWC-VQMV astral-tokio-tar has a path traversal in tar extraction
Impact In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory when using the Entry::unpack_in_raw API. Additionally, the Entry::allow_external_symlinks control, which defaults to true, could be bypassed via a pair of symlinks that...
PT-2025-39215
Name of the Vulnerable Software and Affected Versions astral-tokio-tar versions 0.5.3 and earlier Description astral-tokio-tar is a tar archive reading/writing library for async Rust. Tar archives may extract files outside of their intended destination directory when using the Entry::unpack_in_ra...
CVE-2025-10854 Symlink Following in txtai leads to arbitrary file write when loading untrusted embedding indices
The txtai framework allows the loading of compressed tar files as embedding indices. While the validate function is intended to prevent path traversal vulnerabilities by ensuring safe filenames, it does not account for symbolic links within the tar file. An attacker is able to write a file anywhe...
CVE-2025-10854
The CVE-2025-10854 issue affects the txtai framework where loading compressed tar files as embedding indices is vulnerable: the existing path traversal protection does not account for symbolic links inside the tar, allowing an attacker to write arbitrary files on the filesystem when untrusted emb...
CVE-2025-34191
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 macOS/Linux client deployments contain an arbitrary file write vulnerability via the response file handling. When tasks produce output the service writes response data into file...
SUSE CVE-2025-58158
Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, the Open Source Harness git LFS server Gitness exposes an API to retrieve and upload files via git LFS. Implementation ...
CVE-2025-34191 Vasion Print (formerly PrinterLogic) Arbitrary File Write as Root via Response Path Symlink Follow
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 macOS/Linux client deployments contain an arbitrary file write vulnerability via the response file handling. When tasks produce output the service writes response data into file...
CVE-2025-34191
Vulnerability CVE-2025-34191 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Vasion Print Application versions prior to 20.0.1923 (macOS/Linux client deployments). The issue is an arbitrary file write via response file handling: tasks write respo...
CVE-2025-59342
esm.sh is a no-build content delivery network (CDN) for modern web development. In version 136 and earlier, a path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a...
CVE-2025-57644
Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative user can execute arbitrary Java code on the server, resulting in remote code execution. In addition, improper input validation allows for arbitrary file write a...