5 matches found
EUVD-2025-25049
Malicious code in bioql PyPI...
GHSA-WJRX-6529-HCJ3 HashiCorp go-getter Vulnerable to Symlink Attacks
HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9...
CVE-2025-8959
HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9...
CVE-2025-8959
HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9...
The vulnerability of server-based corporate software for monitoring and managing project knowledge bases in Adobe RoboHelp Server lies in its ability to load files beyond the expected directory limits, allowing attackers to execute arbitrary code.
The vulnerability of server-based corporate software for project monitoring and management in Adobe RoboHelp Server relates to the ability to load arbitrary files beyond the expected directory structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the...