6 matches found
EUVD-2024-54850
Malicious code in bioql PyPI...
CVE-2024-8244
The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links, but both functions are susceptible to a TOCTOU (time of check/time of use) race condition where a portion of the path being walked is replaced with a symbolic link while the walk is in progress...
CVE-2024-8244 Walk/WalkDir in path/filepath susceptible to symlink race
The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links, but both functions are susceptible to a TOCTOU (time of check/time of use) race condition where a portion of the path being walked is replaced with a symbolic link while the walk is in progress...
CVE-2024-8244 Walk/WalkDir in path/filepath susceptible to symlink race
The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links, but both functions are susceptible to a TOCTOU (time of check/time of use) race condition where a portion of the path being walked is replaced with a symbolic link while the walk is in progress...
CVE-2024-8244
The CVE concerns Go’s filepath.Walk and filepath.WalkDir, which are documented to not follow symbolic links and are subject to a TOCTOU race where a path segment can be replaced by a symlink during traversal. The material here does not specify affected versions, exact vulnerable components beyond...
CVE-2021-21694
FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#getDiskSpace do not check any permissions in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier...