12 matches found
EUVD-2023-0883
Malicious code in bioql PyPI...
CVE-2023-28105
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
GHSA-5G39-PPWG-6XX8 Go-huge-util vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.0.34, Please upgrade version to v0.0.34 or above. Workarounds No, users have to upgrade...
CVE-2023-28105
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
Path traversal
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
CVE-2023-28105 Go-huge-util vulnerable to path traversal when unzipping files
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
CVE-2023-28105
CVE-2023-28105 concerns the go-huge-util Go package. A ZipSlip/path-traversal flaw affects versions prior to 0.0.34 when unzipping archives via the fsutil/zip.Unzip function, allowing a malicious zip to escape the target directory. The issue is fixed in 0.0.34; there are no publicly documented wo...
CVE-2023-28105 Go-huge-util vulnerable to path traversal when unzipping files
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
CVE-2023-28105 Go-huge-util vulnerable to path traversal when unzipping files
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
Goutil vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.6.0, Please upgrade version to v0.6.0 or above. Workarounds No, users have to upgrade...
GHSA-FX2V-QFHR-4CHV Goutil vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.6.0, Please upgrade version to v0.6.0 or above. Workarounds No, users have to upgrade...
PT-2023-21152 · Goutil · Goutil
Name of the Vulnerable Software and Affected Versions: Goutil versions prior to 0.6.0 Description: The issue is related to a ZipSlip vulnerability, which occurs when users use fsutil.Unzip to unzip zip files from a malicious attacker, potentially leading to path traversal attacks due to improper...