Lucene search
K

6 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42769

decompress before 4.2.2 contains an improper path containment check that enables directory traversal and arbitrary file write. The safeMakeDir function index.js line 29 and the extraction path validation index.js line 106 use String.indexOf to verify the resolved path is within the output...

6.2CVSS6AI score0.00272EPSS
Exploits1References5
NVD
NVD
added 5 days ago7 views

CVE-2026-39245

decompress before 4.2.2 contains an improper path containment check that enables directory traversal and arbitrary file write. The safeMakeDir function index.js line 29 and the extraction path validation index.js line 106 use String.indexOf to verify the resolved path is within the output...

6.2CVSS0.00272EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.8 views

PT-2026-24199

Name of the Vulnerable Software and Affected Versions Apache PDFBox versions 2.0.24 through 2.0.36 Apache PDFBox versions 3.0.0 through 3.0.7 Description The ExtractEmbeddedFiles example within Apache PDFBox contains a path traversal issue. The filename obtained from...

5.3CVSS5.8AI score0.00886EPSS
Exploits0References19
NVD
NVD
added 2026/01/28 7:16 p.m.11 views

CVE-2025-69601

A directory traversal Zip Slip vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences e.g., ../ in ZIP entries to write files...

6.5CVSS0.00632EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.8 views

PT-2025-49047

Name of the Vulnerable Software and Affected Versions alexusmai laravel-file-manager versions 3.3.1 and below Description The laravel-file-manager software contains a flaw related to directory traversal. The unzip/extraction functionality does not properly validate extraction paths, which allows...

9.1CVSS6.4AI score0.00894EPSS
Exploits1References7
OSV
OSV
added 2025/12/04 12:0 a.m.5 views

CVE-2025-65346

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths...

9.1CVSS6.9AI score0.00894EPSS
Exploits1References5
Rows per page
Query Builder