16 matches found
EUVD-2022-3332
Malicious code in bioql PyPI...
GHSA-98WX-CW86-C97X mixlib-archive Path Traversal vulnerability
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using .. in tar archive entries...
mixlib-archive Path Traversal vulnerability
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using .. in tar archive entries...
mixlib-archive Path Traversal vulnerability
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using .. in tar archive entries...
Information Disclosure
chef is vulnerable to information disclosure. When you knife bootstrap a node, the validation key is printed into the logs found at /var/log/messages...
Chef Software Directory Traversal Vulnerability
Chef Software is a set of server application configuration tools written in Ruty and Erlang by Chef Software. mixlib-archive is one of the gem extraction archive tools. A directory traversal vulnerability exists in Chef Software in versions 0.3.0 and earlier of mixlib-archive. A remote attacker c...
Debian DSA-3915-1 : ruby-mixlib-archive - security update
It was discovered that ruby-mixlib-archive, a Chef Software's library used to handle various archive formats, was vulnerable to a directory traversal attack. This allowed attackers to overwrite arbitrary files by using a malicious tar archive containing '..' in its entries. %NASLMINLEVEL 70300 C...
[SECURITY] [DSA 3915-1] ruby-mixlib-archive security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3915-1 [email protected] https://www.debian.org/security/ Sebastien Delafond July 20, 2017 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3915-1 (ruby-mixlib-archive - security update)
It was discovered that ruby-mixlib-archive, a Chef Software OpenVAS Vulnerability Test $Id: deb3915.nasl 6800 2017-07-26 06:58:22Z cfischer $ Auto-generated from advisory DSA 3915-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2017 Greenbone Networks GmbH...
CVE-2017-1000026
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries...
CVE-2017-1000026
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries...
Directory traversal
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries...
CVE-2017-1000026
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries...
CVE-2017-1000026
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries...
CVE-2017-1000026
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries...
CVE-2017-1000026
CVE-2017-1000026 affects Chef Software’s Ruby library mixlib-archive (versions ≤ 0.3.0). A directory traversal flaw allows an attacker to overwrite arbitrary files by placing .. in tar archive entries. The vulnerability impact is demonstrated in multiple advisories; Debian fixed it in ruby-mixlib...