9 matches found
CVE-2025-64346
archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...
CVE-2025-64346
archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...
CVE-2025-64346
The CVE affects the Go library archives (version 1.0.0) used for extracting archives (tar, zip, etc.). Root cause: improper handling/limitation of pathnames allows a specially crafted archive to cause remote code execution or file modifications when processed by the importing program. Impact depe...
CVE-2025-64346 archives: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...
CVE-2025-64346 archives: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...
CVE-2025-64346 archives: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...
archives 路径遍历漏洞
archives is a cross-platform, multi-format Go library from the French personal developer Matt Holt. A path traversal vulnerability exists in archives version 1.0.0, which stems from a lack of effective protection for specially crafted zip archives and could lead to remote code execution or file...
PT-2025-45412
Name of the Vulnerable Software and Affected Versions archives version 1.0.0 Description archives is a Go library used for extracting archives such as tar and zip files. Version 1.0.0 does not adequately prevent a malicious user from providing a specially crafted archive that could lead to Remote...
archives 路径遍历漏洞
archives is a cross-platform, multi-format Go library by the individual developer Matt Holt in France. A path traversal vulnerability exists in archives, which stems from a path traversal attack that could lead to arbitrary file overwrites...