Lucene search
+L

10 matches found

CVE
CVE
added 3 days ago15 views

CVE-2026-43637

Cornac before 2.6.0 is affected by a path traversal (Tar Slip) in the _extract_archive() function (cornac/utils/download.py). The vulnerability allows an attacker to write arbitrary files outside the intended cache directory by supplying crafted TAR archives with ../ sequences, absolute paths, or...

9.1CVSS6.2AI score0.00425EPSS
Exploits0References4
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-44669

Cornac before 2.6.0 contains a path traversal Tar Slip vulnerability that allows attackers to write arbitrary files outside the intended cache directory by supplying a crafted TAR archive containing ../ sequences, absolute paths, or symlink/hardlink entries to the extractarchive function in...

9.1CVSS6.2AI score0.00425EPSS
Exploits0References4
CVE
CVE
added 2026/05/08 10:55 p.m.15 views

CVE-2026-42453

Termix is affected by a command injection in the file-manager.ts endpoints extractArchive and compressFiles due to the use of double-quoted strings for shell construction, enabling $(command) substitution on the remote SSH host. This vulnerability (CVE-2026-42453) can lead to arbitrary command ex...

8.7CVSS5.8AI score0.01207EPSS
Exploits0References2
OSV
OSV
added 2026/05/08 10:55 p.m.4 views

CVE-2026-42453 Termix: Command injection in extractArchive/compressFiles via double-quote escaping bypass

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, the extractArchive and compressFiles endpoints in file-manager.ts use double-quoted strings for shell command construction, unlike all other file manager operation...

8.7CVSS6AI score0.01207EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/14 1:11 a.m.6 views

Directory Traversal

Overview gdown is a Google Drive Public File/Folder Downloader Affected versions of this package are vulnerable to Directory Traversal via the extractall function. An attacker can overwrite arbitrary files on the file system by supplying a maliciously crafted ZIP or TAR archive containing path...

7.8CVSS6.3AI score0.00575EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/30 1:16 a.m.1 views

CVE-2025-15036 Path Traversal Vulnerability in mlflow/mlflow

A path traversal vulnerability exists in the extractarchivetodir function within the mlflow/pyfunc/dbconnectartifactcache.py file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An...

9.6CVSS6AI score0.00587EPSS
Exploits1References2
OSV
OSV
added 2026/03/30 1:16 a.m.2 views

CVE-2025-15036 Path Traversal Vulnerability in mlflow/mlflow

A path traversal vulnerability exists in the extractarchivetodir function within the mlflow/pyfunc/dbconnectartifactcache.py file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An...

9.6CVSS7.3AI score0.00587EPSS
Exploits1References7
Huntr
Huntr
added 2025/12/23 1:15 a.m.11 views

MLflow Tarfile Path traversal in mlflow/mlflow

Description Vulnerability Report: Unsafe Tar Extraction Path Traversal Due to the lack of path traversal verification in the tar decompression part, it may lead to the possibility of overwriting any file or gaining elevated privileges. This is a non-expected vulnerability. Location File:...

10CVSS7.2AI score0.00587EPSS
Exploits1
CVE
CVE
added 2023/07/25 7:41 p.m.122 views

CVE-2023-37460

CVE-2023-37460 affects Plexis Archiver (Plexus Archiver) prior to version 4.8.0. The issue arises when extracting archives with an entry that already exists as a symlink whose target does not exist; resolveFile() returns the symlink source instead of the target, allowing subsequent Files.newOutpu...

9.8CVSS9.2AI score0.0207EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2006/11/24 6:0 p.m.79 views

CVE-2006-6097

Summary: CVE-2006-6097 affects GNU tar (notably v1.15.1 and v1.16) due to improper handling of GNUTYPE_NAMES symlink records during extraction, enabling a user-assisted attacker to overwrite arbitrary files. Multiple advisories report the issue as a path-traversal vulnerability in tar extraction,...

4CVSS7.5AI score0.11084EPSS
Exploits1References43Affected Software1
Rows per page
Query Builder