17004 matches found
DEBIAN-CVE-2026-50135
Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made RootMappingFs.statRoot use Stat follows symlinks instead of Lstat , so a direct resources.Get of a symlink pointing outside its mount returned the target's contents — letting a symlink planted in a local mount e.g. a...
CVE-2026-50135
Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made RootMappingFs.statRoot use Stat follows symlinks instead of Lstat , so a direct resources.Get of a symlink pointing outside its mount returned the target's contents — letting a symlink planted in a local mount e.g. a...
EUVD-2026-25012
mv: symlinks expanded during cross-device move resource exhaustion / data duplication...
DEBIAN-CVE-2026-58403
Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...
EUVD-2026-24992
install: TOCTOU symlink race unlink-then-create without OEXCL allows arbitrary file overwrite...
CVE-2026-50135 Hugo: Symlink confinement bypass in resources.Get
Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made RootMappingFs.statRoot use Stat follows symlinks instead of Lstat , so a direct resources.Get of a symlink pointing outside its mount returned the target's contents — letting a symlink planted in a local mount e.g. a...
CVE-2026-50135
Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made RootMappingFs.statRoot use Stat follows symlinks instead of Lstat , so a direct resources.Get of a symlink pointing outside its mount returned the target's contents — letting a symlink planted in a local mount e.g. a...
CVE-2026-50135
Summary: Hugo up to v0.161.1 is affected by a symlink confinement bypass in the virtual filesystem used by Hugo’s resources.Get. Root cause: A regression in RootMappingFs.statRoot caused it to call Stat (which follows symlinks) instead of Lstat, allowing a symlink inside a mounted directory (e.g....
CVE-2026-50135
Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made RootMappingFs.statRoot use Stat follows symlinks instead of Lstat , so a direct resources.Get of a symlink pointing outside its mount returned the target's contents — letting a symlink planted in a local mount e.g. a...
CVE-2026-58403 Hugo symlink confinement bypass in os.ReadFile
Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...
EUVD-2026-41907
Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...
CVE-2026-58403
Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...
CVE-2026-58403
Hugo (static site generator) vulnerable from v0.123.0 through v0.163.0. A regression in RootMappingFs.statRoot caused it to call Stat (which follows symlinks) instead of Lstat, enabling os.ReadFile on a symlink to read the target file outside the mount. This could let a symlink inside a theme or ...
CVE-2026-58403
Hugo is a static site generator. From v0.123.0 through v0.163.0, Hugo's virtual filesystem is designed so that files under a mount cannot reach outside the mount tree, but a regression caused RootMappingFs.statRoot to call Stat, which follows symlinks, instead of Lstat, so a direct os.ReadFile...
CVE-2026-59195
pnpm is a package manager. Prior to 10.34.4 and 11.8.0, pnpm accepts package names from the env lockfile configDependencies section and uses those names directly when creating config dependency symlinks under nodemodules/.pnpm-config. A malicious repository can commit a crafted pnpm-lock.yaml who...
CVE-2026-59195 pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config
pnpm is a package manager. Prior to 10.34.4 and 11.8.0, pnpm accepts package names from the env lockfile configDependencies section and uses those names directly when creating config dependency symlinks under nodemodules/.pnpm-config. A malicious repository can commit a crafted pnpm-lock.yaml who...
CVE-2026-59195
CVE-2026-59195 affects pnpm prior to versions 10.34.4 and 11.8.0. The issue arises when pnpm reads package names from the env lockfile’s configDependencies section and uses those names directly to create config dependency symlinks under node_modules/.pnpm-config. A crafted pnpm-lock.yaml with a t...
CVE-2026-58203
CVE-2026-58203 affects pydantic-settings, specifically NestedSecretsSettingsSource. From 2.12.0 through 2.14.2, when secrets_nested_subdir is true, a directory entry that is a symbolic link to outside secrets_dir is followed, enabling reading files outside the configured directory and bypassing s...
CVE-2026-58203
pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...
postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind
A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...