3 matches found
CVE-2023-35852
creationtimestamp| type| source ---|---|--- 2023-06-19 12:28:31+00:00| seen| https://t.me/cibsecurity/65327...
CVE-2023-35852
In Suricata before 6.0.13 when there is an adversary who controls an external source of rules, a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring...
CVE-2023-35852
CVE-2023-35852 is a Suricata vulnerability where, before version 6.0.13, an adversary controlling an external source of rules could cause a dataset filename (from a rule) to trigger absolute or relative directory traversal, enabling write access to a local filesystem. The issue arises in the rule...