Vulners
Lucene search
2 matches found
EUVD-2022-3393
Malicious code in bioql PyPI...
9.8CVSS9.3AI score0.02707EPSS
Exploits1References7
CVE-2022-25842
All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip using a specially crafted archive that holds directory traversal filenames e.g. ../../evil.exe. The attacker can overwrite executable files and either invoke...
9.8CVSS0.02707EPSS
Exploits1References4
20