Lucene search
K

9 matches found

Packet Storm
Packet Storm
added 2025/04/30 12:0 a.m.87 views

📄 unzip-stream 0.3.1 Arbitrary File Write

unzip-stream version 0.3.1 suffers from an arbitrary file write vulnerability. Exploit Title: unzip-stream 0.3.1 - Arbitrary File Write Date: 18th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mhr3/unzip-stream Version: unzip-stream 0.3.1 Tested on: Ubunt...

7.5CVSS9.5AI score0.03037EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/04/30 12:0 a.m.307 views

unzip-stream 0.3.1 - Arbitrary File Write

Exploit Title: unzip-stream 0.3.1 - Arbitrary File Write Date: 18th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mhr3/unzip-stream Version: unzip-stream 0.3.1 Tested on: Ubuntu CVE: CVE-2024-42471 NB: Python's built-in zipfile module has limitations on t...

7.5CVSS7.4AI score0.03037EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2025/02/05 2:28 a.m.7 views

CVE-2024-42471

actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of actions/artifact on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using downloadArtifactInternal, downloadArtifactPublic, or streamExtractExternal for extracting a specifically crafted...

7.5CVSS7.6AI score0.03037EPSS
Exploits4References1
OSV
OSV
added 2024/09/03 8:55 p.m.18 views

GHSA-CXWW-7G56-2VH6 @actions/download-artifact has an Arbitrary File Write via artifact extraction

Impact Versions of actions/download-artifact before 4.1.3 are vulnerable to arbitrary file write when downloading and extracting a specifically crafted artifact that contains path traversal filenames. Patches Upgrade to version 4.1.3 or higher. Alternatively use 'v4' tag which points to the lates...

8.6CVSS7.3AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/09/03 8:55 p.m.89 views

@actions/download-artifact has an Arbitrary File Write via artifact extraction

Impact Versions of actions/download-artifact before 4.1.3 are vulnerable to arbitrary file write when downloading and extracting a specifically crafted artifact that contains path traversal filenames. Patches Upgrade to version 4.1.3 or higher. Alternatively use 'v4' tag which points to the lates...

7.5CVSS7.3AI score0.03037EPSS
Exploits4References5Affected Software1
OSV
OSV
added 2024/09/03 8:8 p.m.18 views

GHSA-6Q32-HQ47-5QQ3 @actions/artifact has an Arbitrary File Write via artifact extraction

Impact Versions of actions/artifact before 2.1.7 are vulnerable to arbitrary file write when using downloadArtifactInternal, downloadArtifactPublic, or streamExtractExternal for extracting a specifically crafted artifact that contains path traversal filenames. Patches Upgrade to version 2.1.7 or...

8.6CVSS7.3AI score0.03037EPSS
Exploits4References9
Github Security Blog
Github Security Blog
added 2024/09/03 8:8 p.m.42 views

@actions/artifact has an Arbitrary File Write via artifact extraction

Impact Versions of actions/artifact before 2.1.7 are vulnerable to arbitrary file write when using downloadArtifactInternal, downloadArtifactPublic, or streamExtractExternal for extracting a specifically crafted artifact that contains path traversal filenames. Patches Upgrade to version 2.1.7 or...

7.5CVSS7.3AI score0.03037EPSS
Exploits4References9Affected Software1
NVD
NVD
added 2024/09/02 6:15 p.m.20 views

CVE-2024-42471

actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of actions/artifact on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using downloadArtifactInternal, downloadArtifactPublic, or streamExtractExternal for extracting a specifically crafted...

7.5CVSS0.03037EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2024/09/02 4:13 p.m.15 views

CVE-2024-42471 Arbitrary File Write via artifact extraction in actions/artifact

actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of actions/artifact on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using downloadArtifactInternal, downloadArtifactPublic, or streamExtractExternal for extracting a specifically crafted...

7.3CVSS7.4AI score0.03037EPSS
Exploits4References3
Rows per page
Query Builder