Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/24 3:32 a.m.7 views

CVE-2026-3067

A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTarGZ/extractZip of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/CommandUtils.java of the component Archive Extraction. The manipulation leads to path traversal...

6.5CVSS5AI score0.00491EPSS
Exploits1References4
EUVD
EUVD
added 2026/02/24 3:32 a.m.8 views

EUVD-2026-7396

A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTarGZ/extractZip of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/CommandUtils.java of the component Archive Extraction. The manipulation leads to path traversal...

8.8CVSS5AI score0.00491EPSS
Exploits1References4
OSV
OSV
added 2025/10/30 5:15 p.m.5 views

UBUNTU-CVE-2025-12060

The keras.utils.getfile API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special...

8.9CVSS7.4AI score0.00593EPSS
Exploits0References4
OSV
OSV
added 2025/10/30 5:10 p.m.5 views

CVE-2025-12060 Keras keras.utils.get_file Utility Path Traversal Vulnerability

The keras.utils.getfile API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special...

8.9CVSS7.4AI score0.00593EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/03/22 12:20 p.m.9 views

CVE-2024-12216

A vulnerability in the ImageClassificationDataset.fromcsv API of the dmlc/gluon-cv repository, version 0.10.0, allows for arbitrary file write. The function downloads and extracts tar.gz files from URLs without proper sanitization, making it susceptible to a TarSlip vulnerability. Attackers can...

7.1CVSS7AI score0.00293EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/04/29 8:12 p.m.4 views

source-to-image: Improper path sanitization in ExtractTarStreamFromTarReader in tar/tar.go

A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. An improper path validation of tar files in ExtractTarStreamFromTarReader in tar/tar.go leads to privilege escalation...

8.8CVSS5.7AI score0.02418EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/04/28 3:37 a.m.6 views

source-to-image: Improper path sanitization in ExtractTarStreamFromTarReader in tar/tar.go

A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. An improper path validation of tar files in ExtractTarStreamFromTarReader in tar/tar.go leads to privilege escalation...

8.8CVSS5.7AI score0.02418EPSS
Exploits0References5
Rows per page
Query Builder