BIT-PYTHON-2026-3479 pkgutil.get_data() does not enforce documented restrictions

pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...

CVE-2026-3479

DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the pkgutil.getdata function. An attacker can access files and directories outside the intended root directory by supplying crafted input to the resource argument. Details A Directory Traversal attack also known ...

iparking SQL Injection Vulnerability

iparking is fhsopensource open source a parking fee management system . iparking 1.5.22.RELEASE version of the SQL injection vulnerability , the vulnerability stems from the function getData SQL injection vulnerability...

DEBIAN-CVE-2020-19724

A memory consumption issue in getdata function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command...

GNU Binutils 安全漏洞

GNU Binutils is a set of open source tools for working with binary files such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A denial of service vulnerability exists in GNU Binutils, which stems from a memory...

PT-2020-6940 · Gnu +2 · Gnu Nm +2

Name of the Vulnerable Software and Affected Versions: GNU nm versions prior to 2.34 Description: The issue is related to a memory consumption problem in the get data function in binutils/nm.c. This allows attackers to cause a denial of service via crafted commands. The vulnerability is associate...