Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/11/08 7:41 a.m.5 views

CVE-2025-64346

archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...

6CVSS6.9AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 2025/11/07 6:15 a.m.10 views

CVE-2025-64346

archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...

6CVSS0.00352EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/07 5:32 a.m.2 views

CVE-2025-64346 archives: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...

6CVSS6.5AI score0.00352EPSS
Exploits0References2
CVE
CVE
added 2025/11/07 5:32 a.m.16 views

CVE-2025-64346

The CVE affects the Go library archives (version 1.0.0) used for extracting archives (tar, zip, etc.). Root cause: improper handling/limitation of pathnames allows a specially crafted archive to cause remote code execution or file modifications when processed by the importing program. Impact depe...

6CVSS6.5AI score0.00352EPSS
Exploits0References2
Rows per page
Query Builder