3 matches found
vlt Mishandles Path Sanitization for tar
vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path traversal during extraction...
CVE-2023-46943
An issue was discovered in NPM's package @evershop/evershop before version 1.0.0-rc.8. The HMAC secret used for generating tokens is hardcoded as "secret". A weak HMAC secret poses a risk because attackers can use the predictable secret to create valid JSON Web Tokens JWTs, allowing them access t...
DEBIAN-CVE-2017-18198
printiso9660recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted iso file...