Lucene search
K

6 matches found

Snyk
Snyk
added 2025/09/17 8:42 p.m.2 views

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource due to using os.MkdirAll function which does not perform any permission checks when a given directory path already exists. An attacker can gain unauthorized access or modify files by...

5.1CVSS6.6AI score0.00106EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 8:42 p.m.2 views

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource due to using os.MkdirAll function which does not perform any permission checks when a given directory path already exists. An attacker can gain unauthorized access or modify files by...

5.1CVSS6.6AI score0.00106EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 8:42 p.m.1 views

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource due to using os.MkdirAll function which does not perform any permission checks when a given directory path already exists. An attacker can gain unauthorized access or modify files by...

5.1CVSS6.6AI score0.00106EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 8:11 p.m.2 views

Use of Weak Hash

Overview Affected versions of this package are vulnerable to Use of Weak Hash like the Md5 hash. An attacker can bypass file integrity verification by generating files with colliding MD5 hashes and distributing malicious content that passes integrity checks. Remediation Upgrade...

6.9CVSS6.6AI score0.00152EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 7:27 p.m.1 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CreatePreheat process and peer-to-peer communication mechanisms. An attacker can access internal network resources by supplying crafted URLs to API endpoints or by leveraging peer requests,...

8.7CVSS6.7AI score0.00231EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/17 7:27 p.m.2 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CreatePreheat process and peer-to-peer communication mechanisms. An attacker can access internal network resources by supplying crafted URLs to API endpoints or by leveraging peer requests,...

8.7CVSS6.7AI score0.00231EPSS
Exploits0References2
Rows per page
Query Builder