10 matches found
CVE-2025-11842
A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. The impacted element is an unknown function of the component Bundle Handler. The manipulation of the argument Version leads to path traversal. Remote exploitation of the attack is possible. Upgrading to version 4.6.0 is...
GHSA-9RVM-P3QM-F4VV Smidge is vulnerable to Path Traversal
A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. The impacted element is an unknown function of the component Bundle Handler. The manipulation of the argument Version leads to path traversal. Remote exploitation of the attack is possible. Upgrading to version 4.6.0 is...
Smidge is vulnerable to Path Traversal
A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. The impacted element is an unknown function of the component Bundle Handler. The manipulation of the argument Version leads to path traversal. Remote exploitation of the attack is possible. Upgrading to version 4.6.0 is...
CVE-2025-11842
A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. The impacted element is an unknown function of the component Bundle Handler. The manipulation of the argument Version leads to path traversal. Remote exploitation of the attack is possible. Upgrading to version 4.6.0 is...
CVE-2025-11842
A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. The impacted element is an unknown function of the component Bundle Handler. The manipulation of the argument Version leads to path traversal. Remote exploitation of the attack is possible. Upgrading to version 4.6.0 is...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the Bundle Handler component when processing the Version argument. An attacker can access or modify files outside the intended directory by supplying crafted input remotely. Details A Directory Traversal attack...
CVE-2025-11842 Shazwazza Smidge Bundle path traversal
A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. The impacted element is an unknown function of the component Bundle Handler. The manipulation of the argument Version leads to path traversal. Remote exploitation of the attack is possible. Upgrading to version 4.6.0 is...
CVE-2025-11842 Shazwazza Smidge Bundle path traversal
A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. The impacted element is an unknown function of the component Bundle Handler. The manipulation of the argument Version leads to path traversal. Remote exploitation of the attack is possible. Upgrading to version 4.6.0 is...
CVE-2025-11842
The CVE-2025-11842 entry concerns Smidge (up to 4.5.1) with a path traversal vulnerability in the Bundle Handler that abuses the Version argument. This enables remote access to files outside the intended directory. A fix is available: upgrade Smidge Core to version 4.6.0 or higher. Connected sour...
Smidge 路径遍历漏洞
Smidge is a file compression, composition, compression, and management library from the individual developer Shannon Deminick. A path traversal vulnerability exists in Smidge 4.5.1 and earlier versions, which stems from the incorrect manipulation of the parameter Version in the Bundle Handler...