Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.9 views

CVE-2026-43965

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS5.6AI score0.00152EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/03 2:23 a.m.13 views

SUSE CVE-2026-43965

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS5.9AI score0.00152EPSS
Exploits0References3
NVD
NVD
added 2026/06/02 2:16 p.m.10 views

CVE-2026-43965

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS0.00152EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/02 1:41 p.m.9 views

CVE-2026-43965

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS5.9AI score0.00152EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/02 1:41 p.m.10 views

EUVD-2026-33926

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS5.9AI score0.00152EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/02 1:41 p.m.38 views

CVE-2026-43965 Path Traversal in build/packages/packages.toml Allows Arbitrary Directory Deletion

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS0.00152EPSS
Exploits0References4
OSV
OSV
added 2026/06/02 1:41 p.m.7 views

EEF-CVE-2026-43965 Path Traversal in build/packages/packages.toml Allows Arbitrary Directory Deletion

Summary Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to...

5.6CVSS5.9AI score0.00152EPSS
Exploits0References3
CVE
CVE
added 2026/06/02 1:41 p.m.51 views

CVE-2026-43965

Gleam path traversal vulnerability CVE-2026-43965 allows arbitrary directory deletion via malicious build/packages/packages.toml content. During deps download, package keys read from build/packages/packages.toml are passed to path construction without validation, enabling absolute or relative tra...

5.6CVSS5.9AI score0.00152EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/03/04 6:49 p.m.8 views

4game-support-ckeditor5-custom-build (>=0.0.1 <=0.0.5), 87-midnight-ckeditor5 (>=0.0.3 <=0.0.5) +663 more potentially affected by CVE-2026-28343 via @ckeditor/ckeditor5-html-support (>=29.2.0 <=47.6.0-alpha.9)

@ckeditor/ckeditor5-html-support NPM version =29.2.0, =0.0.1, =0.0.3, =0.0.1, =0.0.1, =42.0.1, =2.0.0, =0.7.0, =0.0.6, =1.0.1, =0.0.1, =0.0.1, =1.0.0, =36.0.0, =0.0.2, =1.1.0, =3.1.1 and more Source cves: CVE-2026-28343 Source advisory: OSV:GHSA-JRQM-VMQC-GM93...

6.4CVSS5.7AI score0.00268EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/20 7:54 p.m.6 views

@angular/build (>=20.2.0-next.3 <=21.0.0-next.8), @brendonovich/solidjs__start (>=0.0.0 <=0.0.3) +8 more potentially affected by CVE-2025-62522 via vite (>=7.1.0 <=7.1.10)

vite NPM version =7.1.0, =20.2.0-next.3, =0.0.0, =2.20.3, =2.20.3, =0.0.12, =2.2.17, =2.2.17, =1.0.0, =2.20.3, =0.25.0-alpha.0, =0.25.0-alpha.1 Source cves: CVE-2025-62522 Source advisory: OSV:GHSA-93M4-6634-74Q7...

6CVSS6AI score0.01031EPSS
Exploits0
Rows per page
Query Builder