4 matches found
CVE-2025-64346
archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...
CVE-2025-64346
archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...
CVE-2025-64346 archives: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
archives is a Go library for extracting archives tar, zip, etc.. Version 1.0.0 does not prevent a malicious user to feed a specially crafted archive to the library causing RCE, modification of files or other malignancies in the context of whatever the user is running this library as, through the...
CVE-2025-64346
The CVE affects the Go library archives (version 1.0.0) used for extracting archives (tar, zip, etc.). Root cause: improper handling/limitation of pathnames allows a specially crafted archive to cause remote code execution or file modifications when processed by the importing program. Impact depe...