28 matches found
CVE-2026-44112 OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenShell FS Bridge Writes
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
CVE-2026-44112
OpenClaw OpenShell has a TOCTOU race condition in sandbox filesystem writes that lets an attacker redirect writes outside the sandbox mount root by exploiting symlink swaps during filesystem operations. This affects OpenClaw versions prior to 2026.4.22. The issue’s root cause is a time-of-check/t...
RHCOS 4 : OpenShift Container Platform 4.17.47 (RHSA-2026:0701)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0701 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
Security update for python3
This update for python3 fixes the following issues: Security fixes: CVE-2025-4517: Fixed arbitrary filesystem writes outside the extraction directory during extraction with filter="data" bsc1244032 CVE-2025-4330: Fixed extraction filter bypass for linking outside extraction directory bsc1244060...
Alibaba Cloud Linux 3 : 0003: container-tools:an8 (ALINUX3-SA-2026:0003)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0003 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-52881: runc is a CLI tool for spawning and...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2210)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-2242)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Allows arbitrary filesystem writes outside the extraction directory during extraction with filter='data'. You are affected by this vulnerability ...
EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-2210)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Allows arbitrary filesystem writes outside the extraction directory during extraction with filter='data'. You are affected by this vulnerability ...
EUVD-2025-16736
Malicious code in bioql PyPI...
CBL Mariner 2.0 Security Update: python3 (CVE-2025-4517)
The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4517 advisory. - Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=data. You...
BIT-PYTHON-MIN-2025-4517 Arbitrary writes via tarfile realpath overflow
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...
BIT-PYTHON-2025-4517 Arbitrary writes via tarfile realpath overflow
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...
Security update for python313
This update for python313 fixes the following issues: Update to version 3.13.5. Security issues fixed: CVE-2025-4517: arbitrary filesystem writes outside the extraction directory during extraction with filter="data" bsc1244032 CVE-2025-4516: use-after-free in the unicode-escape decoder when using...
SUSE-SU-2025:02074-1 Security update for python313
This update for python313 fixes the following issues: Update to version 3.13.5. Security issues fixed: - CVE-2025-4517: arbitrary filesystem writes outside the extraction directory during extraction with filter='data' bsc1244032 - CVE-2025-4516: use-after-free in the unicode-escape decoder when...
CVE-2025-4517
A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall or TarFile.extract methods with the extraction filter parameter set to "data" or "tar"...
CVE-2025-4517
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...
ALPINE-CVE-2025-4517
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...
CVE-2025-4517
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...
PSF-2025-9
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...