46 matches found
CVE-2026-33430
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
PYSEC-2026-27
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
fpyo2apk (>=1.0.0 <=1.1.4), fpyo2ipa (=1.2.0) +1 more potentially affected by CVE-2026-33430 via briefcase (>=0.3.14 <=0.3.23)
briefcase PYPI version =0.3.14, =1.0.0, =0.1.1, =0.2.2 Source cves: CVE-2026-33430 Source advisory: OSV:PYSEC-2026-27...
PYSEC-2026-27
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430 Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430 Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430 Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430
Summary of CVE-2026-33430 and related advisory : The connected OSV/GHSA entries describe a Windows MSI installerPrivilege Escalation in Briefcase when used to create per-machine (All Users) installations. The installation process can create a directory that inherits the permissions of its parent,...
CVE-2026-33370
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
Briefcase Windows Visual Studio Template 安全漏洞
The Briefcase Windows Visual Studio Template is an open-source project created by BeeWare for generating Visual Studio projects that are used to create Windows application installation packages. Versions of the Briefcase Windows Visual Studio Template prior to version 0.3.26 contained security...
fpyo2apk (>=1.0.0 <=1.1.4), fpyo2ipa (=1.2.0) +1 more potentially affected by CVE-2026-33430 via briefcase (>=0.3.14 <=0.3.23)
briefcase PYPI version =0.3.14, =1.0.0, =0.1.1, =0.2.2 Source cves: CVE-2026-33430 Source advisory: OSV:GHSA-R3R2-35V9-V238...
Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions
Impact If a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, the installation process creates an directory that inherits all the permissions of the parent directory. Depending on the location chosen by...
GHSA-R3R2-35V9-V238 Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions
Impact If a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, the installation process creates an directory that inherits all the permissions of the parent directory. Depending on the location chosen by...
PT-2026-27282
Name of the Vulnerable Software and Affected Versions Briefcase versions 0.3.0 through 0.3.25 Description Briefcase, a tool for converting Python projects into standalone native applications, has an issue where the installation process for Windows MSI installers, when set to install for All Users...
EUVD-2026-13694
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
CVE-2026-33370
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
CVE-2026-33370
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
Zimbra Collaboration 安全漏洞
Zimbra Collaboration is an open-source enterprise-level email and collaboration platform developed by Zimbra Corporation. It supports email, calendar, document management, and team collaboration features. Versions 10.0 and 10.1 of Zimbra Collaboration contain security vulnerabilities. These...