CVE-2025-55013
The CVE-2025-55013 issue affects Assemblyline 4 Service Client. The task_handler.py component accepts a SHA-256 value from the server and uses it directly as a local filename, enabling a path traversal when the server (or a MITM) returns a payload like ../../../etc/cron.d/evil. This can cause the...