Lucene search
K

7 matches found

OSV
OSV
added 2026/06/24 1:10 p.m.6 views

OESA-2026-2695 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

8.2CVSS5.8AI score0.00622EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/06 2:54 a.m.14 views

SUSE CVE-2026-7774

tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...

7.5CVSS5.4AI score0.00622EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 4:16 p.m.16 views

UBUNTU-CVE-2026-7774

tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...

6.9CVSS5.3AI score0.00622EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/04 2:21 p.m.9 views

CVE-2026-7774 tarfile.data_filter path traversal bypass allows writing outside the extraction directory

tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...

6.9CVSS5.8AI score0.00622EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:21 p.m.7 views

CVE-2026-7774

tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...

6.9CVSS5.8AI score0.00622EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/04 2:21 p.m.10 views

CVE-2026-7774

tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...

6.9CVSS5.8AI score0.00622EPSS
Exploits0
OSV
OSV
added 2026/06/04 2:21 p.m.11 views

PSF-2026-26

tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...

6.9CVSS5.8AI score0.00622EPSS
Exploits0References10
Rows per page
Query Builder