Lucene search
K

376 matches found

CVE
CVE
added 2026/04/07 4:48 p.m.30 views

CVE-2026-39306

Summary of CVE-2026-39306 (PraisonAI): The vulnerability is a path traversal / arbitrary file write in PriasonAI’s recipe registry pull flow. Before version 1.5.113, the system extracts uploaded tar bundles with tar.extractall() without validating archive member paths, allowing a malicious publis...

7.3CVSS6.1AI score0.00291EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/04/07 4:11 p.m.21 views

CVE-2026-35592 pyLoad has an Incomplete Tar Path Traversal Fix in UnTar._safe_extractall via os.path.commonprefix Bypass

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev97, the safeextractall function in src/pyload/plugins/extractors/UnTar.py uses os.path.commonprefix for its path traversal check, which performs character-level string comparison rather than path-level...

5.3CVSS0.00255EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/07 4:11 p.m.2 views

CVE-2026-35592

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev97, the safeextractall function in src/pyload/plugins/extractors/UnTar.py uses os.path.commonprefix for its path traversal check, which performs character-level string comparison rather than path-level...

8.1CVSS5.9AI score0.00327EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2026/04/06 11:9 p.m.7 views

GHSA-4RX4-4R3X-6534 PraisonAI recipe registry pull path traversal writes files outside the chosen output directory

Summary PraisonAI's recipe registry pull flow extracts attacker-controlled .praison tar archives with tar.extractall and does not validate archive member paths before extraction. A malicious publisher can upload a recipe bundle that contains ../ traversal entries and any user who later pulls that...

7.3CVSS6.1AI score0.00291EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/06 11:9 p.m.6 views

PraisonAI recipe registry pull path traversal writes files outside the chosen output directory

Summary PraisonAI's recipe registry pull flow extracts attacker-controlled .praison tar archives with tar.extractall and does not validate archive member paths before extraction. A malicious publisher can upload a recipe bundle that contains ../ traversal entries and any user who later pulls that...

7.3CVSS6.1AI score0.00291EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.5 views

PT-2026-30765

Summary PraisonAI's recipe registry pull flow extracts attacker-controlled .praison tar archives with tar.extractall and does not validate archive member paths before extraction. A malicious publisher can upload a recipe bundle that contains ../ traversal entries and any user who later pulls that...

7.3CVSS6.1AI score0.00291EPSS
Exploits1References5
OSV
OSV
added 2026/04/01 1:44 p.m.8 views

USN-8139-1 rust-cargo-c vulnerability

It was discovered that tar-rs embedded in cargo-c incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside th...

6.5CVSS6AI score0.00379EPSS
Exploits1References2
OSV
OSV
added 2026/03/30 3:30 a.m.4 views

GHSA-VHCX-3PQ2-4FVC MLFlow path traversal vulnerability

A path traversal vulnerability exists in the extractarchivetodir function within the mlflow/pyfunc/dbconnectartifactcache.py file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An...

9.6CVSS7.3AI score0.00587EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/30 3:30 a.m.6 views

EUVD-2025-209119

A path traversal vulnerability exists in the extractarchivetodir function within the mlflow/pyfunc/dbconnectartifactcache.py file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An...

9.6CVSS6AI score0.00587EPSS
Exploits1References3
NVD
NVD
added 2026/03/30 2:16 a.m.10 views

CVE-2025-15036

A path traversal vulnerability exists in the extractarchivetodir function within the mlflow/pyfunc/dbconnectartifactcache.py file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An...

10CVSS0.00587EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/30 1:16 a.m.29 views

CVE-2025-15036 Path Traversal Vulnerability in mlflow/mlflow

A path traversal vulnerability exists in the extractarchivetodir function within the mlflow/pyfunc/dbconnectartifactcache.py file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An...

9.6CVSS0.00587EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/30 1:16 a.m.6 views

CVE-2025-15036

A path traversal vulnerability exists in the extractarchivetodir function within the mlflow/pyfunc/dbconnectartifactcache.py file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An...

10CVSS7.3AI score0.00587EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.5 views

PT-2026-28273

Name of the Vulnerable Software and Affected Versions mlflow versions prior to 3.7.0 Description A path traversal issue exists in the extract archive to dir function within the mlflow/pyfunc/dbconnect artifact cache.py file of the mlflow/mlflow repository. The issue is due to insufficient...

10CVSS7.2AI score0.00587EPSS
Exploits1References17
Veracode
Veracode
added 2026/03/23 8:54 a.m.13 views

Directory Traversal

Keras is vulnerable to Directory Traversal. The vulnerability is due to unsafe extraction of tar archives in keras.utils.getfile without proper filtering during extraction, which allows an attacker to bypass path validation and write files outside the intended directory...

8CVSS7.3AI score0.00592EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/20 9:15 a.m.5 views

BIT-JENKINS-2026-33001

Jenkins 2.554 and earlier, LTS 2.541.2 and earlier does not safely handle symbolic links during the extraction of .tar and .tar.gz archives, allowing crafted archives to write files to arbitrary locations on the filesystem, restricted only by file system access permissions of the user running...

8.8CVSS5.9AI score0.01161EPSS
Exploits0References15
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/20 8:22 a.m.6 views

Security Bulletin: Symlink Traversal Vulnerability in pip Tar Extraction Fallback on Pre-PEP 706 Python Versions, watsonx.data

Summary A vulnerability in pip allows improper handling of symbolic links during tar extraction on older Python versions without PEP 706, potentially leading to path traversal outside the intended directory; updating pip and Python mitigates the risk. This can affect watsonx.data. Vulnerability...

5.9CVSS6.8AI score0.00438EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/03/20 12:7 a.m.22 views

CVE-2026-32766 astral-tokio-tar insufficiently validates PAX extensions during extraction

astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.6 and earlier, malformed PAX extensions were silently skipped when parsing tar archives. This silent skipping rather than rejection of invalid PAX extensions could be used as a building block for a parser...

6.3CVSS0.00249EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/19 11:41 a.m.6 views

CVE-2026-33001

A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files t...

8.8CVSS5.9AI score0.01161EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/19 12:30 a.m.12 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the extraction process of tar archives due to improper validation of archive entry paths. An attacker can overwrite arbitrary files on the filesystem by supplying a crafted tar.gz file containing directory travers...

9.1CVSS7.7AI score0.00852EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2026/03/19 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1640)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.00438EPSS
Exploits0References2
Rows per page
Query Builder