47 matches found
DEBIAN-CVE-2023-41633
Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c...
UBUNTU-CVE-2023-41633
Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c...
Insecure Temporary File in HuTool
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...
CVE-2023-33695
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...
Information disclosure
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile function at /core/io/FileUtil.java...
GO-2022-1114 ZipSlip when unzipping files in github.com/duke-git/lancet
A ZipSlip vulnerability exists when using the fileutil package to unzip files...
Path Traversal
The fileutil subpackage in github.com/duke-git/lancet is vulnerable to path traversal. The vulnerability exists in the UnZip function in file.go due to a ZipSlip vulnerability which allows an attacker to create files outside the designated target directory using malicious zip file names...
CVE-2022-41920
Lancet is a general utility library for the go programming language. Affected versions are subject to a ZipSlip issue when using the fileutil package to unzip files. This issue has been addressed and a fix will be included in versions 2.1.10 and 1.3.4. Users are advised to upgrade. There are no...
PT-2022-26150 · Lancet +1 · Lancet +1
Name of the Vulnerable Software and Affected Versions: Lancet versions prior to 2.1.10; Lancet versions prior to 1.3.4. Description: The issue is a ZipSlip problem that occurs when using the fileutil package to unzip files. This can be exploited when using the fileutil package. No information is...
CVE-2022-41920 Zip slip in Lancet
Lancet is a general utility library for the go programming language. Affected versions are subject to a ZipSlip issue when using the fileutil package to unzip files. This issue has been addressed and a fix will be included in versions 2.1.10 and 1.3.4. Users are advised to upgrade. There are no...
CVE-2022-41920 Zip slip in Lancet
Lancet is a general utility library for the go programming language. Affected versions are subject to a ZipSlip issue when using the fileutil package to unzip files. This issue has been addressed and a fix will be included in versions 2.1.10 and 1.3.4. Users are advised to upgrade. There are no...
Liferay Portal and Liferay DXP Path Traversal Vulnerability
Liferay Portal and Liferay DXP are both products of Liferay Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
CVE-2022-32287
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
Apache UIMA Path Traversal vulnerability
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
GHSA-XGQR-5WQW-9FPV Apache UIMA Path Traversal vulnerability
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
CVE-2022-32287
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
Path traversal
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
UBUNTU-CVE-2022-32287
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
CVE-2022-32287
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
CVE-2022-32287
CVE-2022-32287: A relative path traversal in the FileUtil class used by the PEAR management component of Apache UIMA can let an attacker craft ZIP entry names to create files outside the designated target directory. Affected product: Apache UIMA up to version 3.3.0 (and earlier). The issue arise...