2 matches found
CVE-2026-5704
A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...
Arbitrary File Upload
Overview Affected versions of this package are vulnerable to Arbitrary File Upload. An attacker can introduce unauthorized files with arbitrary content by providing a specially crafted archive that bypasses pre-extraction inspection mechanisms. Workaround This vulnerability can be mitigated by...