6 matches found
EUVD-2023-0883
Malicious code in bioql PyPI...
Path traversal
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
CVE-2023-28105 Go-huge-util vulnerable to path traversal when unzipping files
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
CVE-2023-28105 Go-huge-util vulnerable to path traversal when unzipping files
go-used-util has commonly used utility functions for Go. Versions prior to 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use zip.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fixed in version...
Goutil vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.6.0, Please upgrade version to v0.6.0 or above. Workarounds No, users have to upgrade...
GHSA-FX2V-QFHR-4CHV Goutil vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.6.0, Please upgrade version to v0.6.0 or above. Workarounds No, users have to upgrade...