Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:34 a.m.9 views

CVE-2023-32317

Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the MOSS cheat checker functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a specially crafted T...

7.2CVSS6.8AI score0.00887EPSS
Exploits0References1
CVE
CVE
added 2025/03/20 10:9 a.m.48 views

CVE-2024-12216

The CVE-2024-12216 issue affects dmlc/gluon-cv 0.10.0, specifically ImageClassificationDataset.from_csv(). The vulnerability arises because tar.gz files downloaded from URLs are extracted without proper sanitization, enabling TarSlip via path traversal or faked symlinks to overwrite arbitrary fil...

7.1CVSS7AI score0.00293EPSS
Exploits0References1
OSV
OSV
added 2025/01/03 4:15 p.m.16 views

GHSA-CWRH-575J-8VR3 Karmada Tar Slips in CRDs archive extraction

Impact What kind of vulnerability is it? Who is impacted? Both in karmadactl and karmada-operator, it is possible to supply a filesystem path, or an HTTPs URL to retrieve the custom resource definitionsCRDs needed by karmada. The CRDs are downloaded as a gzipped tarfile and are vulnerable to a...

5.3CVSS9.4AI score0.00708EPSS
Exploits0References7
NVD
NVD
added 2023/05/26 11:15 p.m.29 views

CVE-2023-32676

Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the Install assessment functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a specially crafted T...

7.2CVSS6.5AI score0.00906EPSS
Exploits0References3
Prion
Prion
added 2023/05/26 11:15 p.m.13 views

Code injection

Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the Install assessment functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a specially crafted T...

5.8CVSS6.8AI score0.00906EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/05/26 10:44 p.m.22 views

CVE-2023-32676 Autolab tar slip in Install Assessment functionality (`GHSL-2023-081`)

Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the Install assessment functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a specially crafted T...

6.7CVSS6.7AI score0.00906EPSS
Exploits0References5
OSV
OSV
added 2023/05/26 10:42 p.m.23 views

CVE-2023-32317 Autolab tar slip in cheat checker functionality (`GHSL-2023-082`)

Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the MOSS cheat checker functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a specially crafted T...

6.7CVSS6.9AI score0.00887EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.4 views

Autolab 路径遍历漏洞

Autolab is a course management service. It supports automatically graded programming assignments. A security vulnerability exists in Autolab version 2.10.0 and earlier, which stems from a Tar slip vulnerability found in Autolab's Installation Evaluation feature, which can be exploited by an...

7.2CVSS6.9AI score0.00906EPSS
Exploits0References3
Rows per page
Query Builder