42 matches found
EUVD-2026-42769
decompress before 4.2.2 contains an improper path containment check that enables directory traversal and arbitrary file write. The safeMakeDir function index.js line 29 and the extraction path validation index.js line 106 use String.indexOf to verify the resolved path is within the output...
Directory Traversal
Overview decompress is a package that can be used for extracting archives. Affected versions of this package are vulnerable to Directory Traversal via improper validation in the safeMakeDir function and extraction path validation process. An attacker can write arbitrary files outside the intended...
CVE-2026-39245
decompress before 4.2.2 contains an improper path containment check that enables directory traversal and arbitrary file write. The safeMakeDir function index.js line 29 and the extraction path validation index.js line 106 use String.indexOf to verify the resolved path is within the output...
dotnet: .NET: Local file tampering via link following vulnerability
A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...
EUVD-2026-39447
The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...
OPENSUSE-SU-2026:21038-1 Security update for 7zip
This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...
CVE-2026-42497
A flaw was found in perl-Archive-Tar. This vulnerability allows an attacker to craft a malicious tar archive that, when extracted, can create hardlinks to arbitrary files outside the intended extraction directory. This could lead to the modification of sensitive files on the system, potentially...
CVE-2026-10621
Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directo...
CVE-2026-42497
Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...
CVE-2026-43888
Outline is a service that allows for collaborative documentation. Prior to 1.7.0, ZipHelper.extract computes the extraction path for each entry by passing a full filesystem path through trimFileAndExt, a filename helper that calls path.basename on its input when truncating. When a zip entry's...
GHSA-P3H2-2J4P-P83G MCPHub has Path Traversal via Malicious MCPB Manifest Name
MCPB File Upload Handler extracts a ZIP file and reads manifest.json from it. The name field in the manifest is directly concatenated into a file path line 107 without any sanitization or path traversal character validation. An attacker can craft a malicious MCPB file where manifest.name is set t...
CVE-2026-41245
A flaw was found in Junrar, an open-source Java RAR archive library. A path traversal vulnerability in the LocalFolderExtractor allows a remote attacker to write arbitrary files with attacker-controlled content into sibling directories. This occurs when a specially crafted RAR archive is extracte...
SUSE CVE-2026-23907
This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. The ExtractEmbeddedFiles example contains a path traversal vulnerability CWE-22 because the filename that is obtained from PDComplexFileSpecification.getFilename is appended...
EUVD-2026-10480
This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.36, from 3.0.0 through 3.0.7. The ExtractEmbeddedFiles example contains a path traversal vulnerability CWE-22 because the filename that is obtained from PDComplexFileSpecification.getFilename is appended...
GHSA-JJWR-XMW6-GF78 Apache PDFBox has Path Traversal through PDComplexFileSpecification.getFilename() function
This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. The ExtractEmbeddedFiles example contains a path traversal vulnerability CWE-22 because the filename that is obtained from PDComplexFileSpecification.getFilename is appended...
CVE-2026-23907
This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.36, from 3.0.0 through 3.0.7. The ExtractEmbeddedFiles example contains a path traversal vulnerability CWE-22 because the filename that is obtained from PDComplexFileSpecification.getFilename is appended...
CVE-2026-23907 Apache PDFBox Examples: Path Traversal in PDFBox ExtractEmbeddedFiles Example Code
This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. The ExtractEmbeddedFiles example contains a path traversal vulnerability CWE-22 because the filename that is obtained from PDComplexFileSpecification.getFilename is appended...
PT-2026-24199
Name of the Vulnerable Software and Affected Versions Apache PDFBox versions 2.0.24 through 2.0.36 Apache PDFBox versions 3.0.0 through 3.0.7 Description The ExtractEmbeddedFiles example within Apache PDFBox contains a path traversal issue. The filename obtained from...
Arbitrary File Write via Validation/Extraction Path Mismatch in nltk.downloader._unzip_iter()
This report is not public...
PT-2026-22407
Name of the Vulnerable Software and Affected Versions kaniko versions 1.25.4 through 1.25.9 Description kaniko is a tool used to build container images from a Dockerfile within a container or Kubernetes cluster. Versions from 1.25.4 up to, but not including, 1.25.10 improperly handle the extracti...