5 matches found
EUVD-2025-208109
URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...
CVE-2025-11563 wcurl path traversal with percent-encoded slashes
URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...
CVE-2025-11563
CVE-2025-11563 corresponds to a path traversal vulnerability in wcurl (the curl tool component). The issue arises in wcurl versions prior to 2025-11-04, enabling path traversal when URLs contain a percent-encoded slash. Documented across multiple feeds (OSV, Ubuntu/Debian advisories, and vendor/N...
CVE-2025-11563
URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...
CVE-2025-11563
URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...