410 matches found
Security update for gleam (moderate)
openSUSE security update: security update for gleam ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21143-1 Rating: moderate References: bsc1267396 bsc1267397 bsc1267398 Cross-References: CVE-2026-32685 CVE-2026-42795 CVE-2026-43965 Affected Product...
CVE-2026-13748
CVE-2026-13748 affects Snowflake CLI prior to 3.19. The vulnerability arises from improper restriction of file path resolution, allowing an attacker-controlled repository or project content to cause the CLI to read arbitrary local files and transmit or embed their contents during deployment or SQ...
OPENSUSE-SU-2026:21143-1 Security update for gleam
This update for gleam fixes the following issues: Changes in gleam: - Update to 1.17.0: Fixed security vulnerabilities: - Restrict custom documentation page path and source values so gleam docs build cannot escape the docs output directory or project root bsc1267396, CVE-2026-32685 - Restrict...
CVE-2026-56446
MISP is affected by CVE-2026-56446 where an authenticated site administrator could configure an arbitrary filesystem path for the NDJSON error log via JsonLogTool. Logged data can contain attacker-controlled content, enabling direction of log output to a web-accessible PHP file and potentially in...
ROS-20260526-73-0017
Vulnerability in poetry related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...
ROS-20260524-73-0036
A vulnerability in the zip.vim plugin of the vim text editor is related to an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
GHSA-62Q4-447F-WV8H Regression in pymdownx.snippets reintroduces sibling-prefix path traversal bypass despite restrict_base_path
Summary pymdownx.snippets has a regression of the CVE-2023-32309 / GHSA-jh85-wwv9-24hv fix. With restrictbasepath: True the default, the current filename.startswithbase containment check does not enforce a directory boundary. As a result, a markdown snippet directive can read files from sibling...
Regression in pymdownx.snippets reintroduces sibling-prefix path traversal bypass despite restrict_base_path
Summary pymdownx.snippets has a regression of the CVE-2023-32309 / GHSA-jh85-wwv9-24hv fix. With restrictbasepath: True the default, the current filename.startswithbase containment check does not enforce a directory boundary. As a result, a markdown snippet directive can read files from sibling...
EUVD-2026-29460
CWE-22: Improper Limitation of a Pathname to a Restricted Directory “Path Traversal” vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly handled during server-side file path processing...
ROS-20260512-73-0006
A vulnerability in Incus container management system and virtual machine manager is related to incorrect directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...
CVE-2026-43901
Wireshark MCP (v1.1.5 and earlier) is affected by CVE-2026-43901: the wireshark_export_objects MCP tool accepts an attacker-controlled dest_dir and passes it to tshark --export-objects with no mandatory path restriction. The internal sandbox (_allowed_dirs) is None by default and only activated w...
PT-2026-38244
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.15 Description An arbitrary file read issue exists in the QMD backend memory get function. Attackers with access to the memory tool can bypass path restrictions by providing arbitrary workspace Markdown paths,...
ROS-20260506-73-0043
Vulnerability in erlang related to incorrect restriction of path name to restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20260506-73-0010
Vulnerability in helm related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...
ROS-20260430-73-0005
Vulnerability in buildkit related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
EUVD-2026-24481
Tekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ check...
UBUNTU-CVE-2026-32147
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon sshsftpd stores the raw, user-supplied path in file...
OpenClaw: QMD memory_get restricts reads to canonical or indexed memory paths
Summary The QMD backend memoryget read path accepted arbitrary workspace Markdown paths that were inside the workspace but outside the canonical memory locations or indexed QMD result set. Impact When the QMD backend was enabled, a caller with access to memoryget could read arbitrary .md files...
OESA-2026-1979 golang security update
. Security Fixes: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which...
ROS-20260417-73-0028
Vulnerability in rubygem-rack related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...