3 matches found
SUSE: Security Advisory (SUSE-SU-2022:4606-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-21272
creationtimestamp| type| source ---|---|--- 2021-01-25 22:34:02+00:00| seen| https://t.me/cibsecurity/22560...
CVE-2021-21272
CVE-2021-21272 affects ORAS prior to 0.9.0, where the archive extraction feature (zip-slip via directory support) can write/overwrite files outside the target directory when processing crafted tarballs. This impacts ORAS CLI users running oras pull or Go programs using github.com/deislabs/oras/pk...